jquery-form

vulnerability cross-site scripting (xss)

severity 9.8

language javascript

registry npm

Overview

jquery-form is a jQuery plugin that allows you to upgrade HTML forms to use AJAX.

This package is vulnerable to Cross-site Scripting (XSS). This package does not sanitise AJAX responses before rendering them, therefore an attacker could potentially inject malicious HTML code into the page.

References

GitHub Issue
GitHub Issue