Hello, i want to update list.js.
Old list.js have issue:
"The list.js package is vulnerable to Cross-Site Scripting (XSS) attacks. The add() function in index.js adds item objects to a list object without performing any checks in the contents being passed in the value parameter. An attacker who can supply input to the add() function could use it to store a malicious JavaScript payload. If the list object is then rendered in HTML, this would result in script execution."
Hello, i want to update list.js. Old list.js have issue: "The list.js package is vulnerable to Cross-Site Scripting (XSS) attacks. The add() function in index.js adds item objects to a list object without performing any checks in the contents being passed in the value parameter. An attacker who can supply input to the add() function could use it to store a malicious JavaScript payload. If the list object is then rendered in HTML, this would result in script execution."
I hope latest version fix it.
Update to version 2.3.1: https://raw.githubusercontent.com/javve/list.js/v2.3.1/dist/list.min.js