VulnerableCode Package Details - pkg:npm/auth0-lock@11.26.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:npm/auth0-lock@11.26.0

purl	pkg:npm/auth0-lock@11.26.0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-2r6q-ehzz-6yb4	Cross-site Scripting In auth0-lock `dangerouslySetInnerHTML` is used to update the DOM. When `dangerouslySetInnerHTML` is used, the application and its users might be exposed to cross-site scripting (XSS) attacks.	CVE-2020-15119 GHSA-6gg3-pmm7-97xc

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-04T16:20:10.707720+00:00	GitLab Importer	Fixing	VCID-2r6q-ehzz-6yb4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/auth0-lock/CVE-2020-15119.yml	38.6.0