RetireJS / retire.js

Scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
https://retirejs.github.io/retire.js/

Added vulnerable Highcharts detection on version below 9.0.0 #412

Closed ghsec closed 1 year ago

ghsec commented 1 year ago

Affecting Highcharts package, versions <9.0.0. They are vulnerable to XSS and prototype pollution.

eoftedal commented 1 year ago

Commits have to be signed

eoftedal commented 1 year ago

If you don't want to do that, I can copy it over manually

eoftedal commented 1 year ago

I adjusted the extractors and added you as a co-author on the commit.

eoftedal commented 1 year ago

Thanks for submitting!

ghsec commented 1 year ago

Thank you too