- Issue created by @prudloff
The Drupal 7 version of this module contains a copy of an old version of tarteaucitron: https://git.drupalcode.org/project/blizz_vanisher/-/tree/7.x-1.x/js/tart...
(I could not find the exact version but it is from 2018.)
This version has multiple known vulnerabilities: https://security.snyk.io/package/npm/tarteaucitronjs
Update to a more recent version.
Active
1.0
Code
It is used for security vulnerabilities which do not need a security advisory. For example, security issues in projects which do not have security advisory coverage, or forward-porting a change already disclosed in a security advisory. See Drupal’s security advisory policy for details. Be careful publicly disclosing security vulnerabilities! Use the “Report a security vulnerability” link in the project page’s sidebar. See how to report a security issue for details.