Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package yui, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2013-4939 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.0.0 through 3.9.1, as used in Moodle through…
CVE-2013-4940 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.10.2, as used in Moodle through 2.1.10…
CVE-2013-4941 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 3.2.0 through 3.9.1, as used in Moodle…
CVE-2013-4942 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in flashuploader.swf in the Uploader component in Yahoo! YUI 3.5.0 through 3.9.1, as used in…