npm

Severity: low

Potential for Script Injection

syntax-error

Overview

Versions of syntax-error prior to 1.1.1 are affected by a cross-site scripting vulnerability which may allow a malicious file to execute code when browserified.

Remediation

Update to version 1.1.1 or later.

Have content suggestions? Send them to [email protected]

Advisory timeline

  1. reported

    Initial report by Cal Leeming
    Oct 17th, 2015
  2. published

    Advisory published
    Jul 15th, 2014