Skip to content

[BUG] Paper.js has a XSS vulnerability with Project.importSVG() #168

Description

@InternetAstronaut

paperjs/paper.js#2100

This vulnerability has been reported in the Paper.js repository by @GarboMuffin (e.g.: the guy that makes turbowarp), not only this but the general abandonment of development on Paper.js has me worried that we should consider migrating or re-making the 'view' part of Candlestick.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions