CVE-2020-28487 – This affects the package vis-timeline before 7.4.4. An attacker with the ability to contr …

Vuln ID: CVE-2020-28487

Published:  2021-01-22  18:15:12Z

Description: This affects the package vis-timeline before 7.4.4.
An attacker with the ability to control the items of a Timeline element can inject additional script code into the generated application.

Source: NVD.NIST.GOV