Severity: low

Potential for Script Injection



Versions of syntax-error prior to 1.1.1 are affected by a cross-site scripting vulnerability which may allow a malicious file to execute code when browserified.


Update to version 1.1.1 or later.

Have content suggestions? Send them to [email protected]

Advisory timeline

  1. published

    Advisory published
    Jul 15th, 2014
  2. reported

    Initial report by Cal Leeming
    Oct 17th, 2015