Skip to content

[Aikido] Fix security issue in webpack via minor version upgrade from 5.92.1 to 5.94.0 in core#16

Open
aikido-autofix[bot] wants to merge 1 commit into
11.xfrom
fix/aikido-security-update-packages-16007282-sdQe
Open

[Aikido] Fix security issue in webpack via minor version upgrade from 5.92.1 to 5.94.0 in core#16
aikido-autofix[bot] wants to merge 1 commit into
11.xfrom
fix/aikido-security-update-packages-16007282-sdQe

Conversation

@aikido-autofix

Copy link
Copy Markdown

$TASK_REF

Upgrade webpack to mitigate critical XSS vulnerability via DOM Clobbering, preventing potential script injection and cross-site scripting attacks.

✅ 1 CVE resolved by this upgrade

This PR will resolve the following CVEs:

Issue Severity           Description
AIKIDO-2024-10289
MEDIUM
[webpack] DOM Clobbering vulnerability allows XSS via unsanitized HTML elements, potentially enabling attackers to inject malicious scripts into web pages by manipulating element attributes like name.

@aikido-autofix aikido-autofix Bot added bug Something isn't working documentation Improvements or additions to documentation labels Feb 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug Something isn't working documentation Improvements or additions to documentation

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants