You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This vulnerability is associated with the HTML report files generated by istanbul when running jest with the --coverage flag. I don't believe it's particularly impactful.
info Reasons this module exists
- "_project_#@backstage#backend-common#jest#@jest#core#@jest#reporters" depends on it
- Hoisted from "_project_#@backstage#backend-common#jest#@jest#core#@jest#reporters#istanbul-reports"
Affecting Packages/Plugins
Overview
Affected versions of this package are vulnerable to Reverse Tabnabbing because of no
rel
attribute in the link tohttps://istanbul.js.org/
.Remediation
Upgrade
istanbul-reports
to version 3.1.3 or higher.References
The text was updated successfully, but these errors were encountered: