search

wire-elements / wire-extender

Wire Extender allows you to embed any Livewire component on any website or even within a static HTML file.
https://wire-elements.dev/blog/embed-livewire-components-using-wire-extender
MIT License
246 stars 9 forks source link

Package Depends on a Vulnerable Livewire Version #5

Closed kaptk2 closed 7 months ago

kaptk2 commented 7 months ago

Livewire 3.4.7 contains an XSS vulnerability. The livewire version should be updated to be 3.4.9 or greater.

PhiloNL commented 7 months ago

Thanks! You are correct but I believe that this is the responsibility of developers themselves and not for this package to enforce.

kaptk2 commented 7 months ago

@PhiloNL Yep, I see it was corrected in commit de6886c I just had an outdated repo. Sorry for the spam