search

SoftwareBrothers / adminjs

AdminJS is an admin panel for apps written in node.js
https://adminjs.co
MIT License
8.26k stars 666 forks source link

I have got 4 moderate vulnerabilities when I installed latest version(7.8.1) of adminjs #1676

Open dawit2123 opened 4 months ago

dawit2123 commented 4 months ago

Contact Details

No response

What happened?

I have got 4 moderate vulnerabilities when I installed latest version(7.8.1) of adminjs The report is: # npm audit report tinymce <7.0.0 Severity: moderate TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements - node_modules/tinymce @tinymce/tinymce-react 3.8.0 - 4.3.2 Depends on vulnerable versions of tinymce node_modules/@tinymce/tinymce-react @adminjs/design-system >=4.1.0 Depends on vulnerable versions of @tinymce/tinymce-react node_modules/@adminjs/design-system adminjs >=7.7.0 Depends on vulnerable versions of @adminjs/design-system node_modules/adminjs 4 moderate severity vulnerabilities

Bug prevalence

1

AdminJS dependencies version

7.8.1

What browsers do you see the problem on?

No response

Relevant log output

The report is: # npm audit report
tinymce <7.0.0
Severity: moderate
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements -
node_modules/tinymce
  @tinymce/tinymce-react 3.8.0 - 4.3.2
  Depends on vulnerable versions of tinymce
  node_modules/@tinymce/tinymce-react
    @adminjs/design-system >=4.1.0
    Depends on vulnerable versions of @tinymce/tinymce-react
    node_modules/@adminjs/design-system
      adminjs >=7.7.0
      Depends on vulnerable versions of @adminjs/design-system
      node_modules/adminjs
4 moderate severity vulnerabilities

Relevant code that's giving you issues

No response

windswept321 commented 1 month ago

Any comment on this? It was opened a while ago and I have the same issue now.