[Snyk] Upgrade xmldom from 0.1.31 to 0.6.0

[snyk-bot]

Snyk has created this PR to upgrade xmldom from 0.1.31 to 0.6.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.
• The recommended version was released 2 years ago, on 2021-04-17.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	XML External Entity (XXE) Injection SNYK-JS-XMLDOM-1084960	40/1000 Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: None, Scope: Unchanged, Exploit Maturity, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00156, Social Trends: No, Days since published: 791, Reachable: No, Direct dependency: No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: xmldom

• 0.6.0 - 2021-04-17
• 0.5.0 - 2021-03-09
• 0.4.0 - 2020-10-27
• 0.3.0 - 2020-03-04
• 0.2.1 - 2019-12-20
• 0.2.0 - 2019-12-20
• 0.1.31 - 2019-12-19

from xmldom GitHub release notes

Commit messages

Package name: xmldom

• c80a161 xmldon version 0.6.0
• bc36efd chore: regenerate package-lock.json
• 8a92704 Update eslint -> ^7.23.0 - devDependencies ((Guide) Implementation of server at cloudfoundry Ylianst/MeshCentral#202)
• b12106e Update @ stryker-mutator/core -> ^4.5.1 - devDependencies (meshcmd can't apply cira_setup.mescript that works remotely Ylianst/MeshCentral#192)
• af4642e docs: Update Changelog (U2F keys not adding Ylianst/MeshCentral#197)
• 5869d76 test(stryker): Replace line numbers by error index (Production mode in Ubuntu Ylianst/MeshCentral#201)
• a681852 fix: Escape `<` when serializing attribute values (Zoom Capability Ylianst/MeshCentral#199)
• bb12247 Update eslint-config-prettier -> 8 - devDependencies (Feature request: Open website from meshcentral router Ylianst/MeshCentral#187)
• 48c51b3 Update eslint -> ^7.22.0 - devDependencies (Assigned device group on user edit Ylianst/MeshCentral#185)
• 82b0481 refactor!: Avoid empty namespace value like xmlns:ds="" ([0.3.1-x] Remote "Desktop" view - cuts bottom of full screen Ylianst/MeshCentral#168)
• fa67fcf chore: set version to 0.5.1-dev in package*.json
• f763b00 xmldom version 0.5.0
• d4201b9 Merge pull request from GHSA-h6q6-9hqw-rwfv
• a4d717c Update MDN links in readme.md (Feature Request: Distribute Meshcentral router with Meshcentral Ylianst/MeshCentral#188)
• e984b3f Update @ stryker-mutator/core -> ^4.4.1 - devDependencies (add remote CLI access for AMT powerstates or SSH option? Ylianst/MeshCentral#184)
• c762161 Update stryker monorepo (major) (Remote Desktop Settings don't hold their values Ylianst/MeshCentral#140)
• fd47c51 Fix breaking preprocessors' directives when parsing attributes (fixing invisible content and page height Ylianst/MeshCentral#171)
• baa67f5 Update xmltest -> ^1.5.0 - devDependencies (Keep track of remote desktop connections Ylianst/MeshCentral#182)
• 64c7388 fix(dom): Escape `]]>` when serializing CharData (Documentation Update: Ubuntu 18.04 requires "universe" repo Ylianst/MeshCentral#181)
• b73a965 Update eslint-config-prettier -> ^7.2.0 - devDependencies (Feature Request: Set server-side name Ylianst/MeshCentral#179)
• 21bc17e Switch to (only) MIT license (Login page text Ylianst/MeshCentral#178)
• ad773c9 test: Use toBe/toStrictEqual instead of toEqual (No plan for WinXP support? Ylianst/MeshCentral#175)
• 23608d9 chore: Add karfau as contributor (View users when assigning permissions Ylianst/MeshCentral#177)
• dbd2171 Export DOMException; remove custom assertions; etc. (Error creating OSX Agent if the name of the mesh contains non-English letters Ylianst/MeshCentral#174)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs