Vulnerabilities > Svelte > Svelte
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-12 | CVE-2022-25875 | Cross-site Scripting vulnerability in Svelte The package svelte before 3.49.0 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization and to improper escape of attributes when using objects during SSR (Server-Side Rendering). | 4.3 |
| 2021-04-05 | CVE-2021-29261 | Unspecified vulnerability in Svelte The unofficial Svelte extension before 104.8.0 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace configuration. network svelte | 6.8 |