XSS
Moderate severity
GitHub Reviewed
Published
Feb 25, 2021
to the GitHub Advisory Database
•
Updated Jan 9, 2023
Withdrawn
This advisory was withdrawn on Feb 25, 2021
Description
Reviewed
May 22, 2019
Published to the GitHub Advisory Database
Feb 25, 2021
Withdrawn
Feb 25, 2021
Last updated
Jan 9, 2023
Withdrawn: Duplicate of GHSA-vcjj-xf2r-mwvc.
Knockout, before 3.5.0-beta, has an XSS injection point in attr name binding for browser IE7 and older.
References