Skip to main content

Fix example direct vulnerability for NPM

When your configuration file specifically references a library, Veracode SCA refers to the library as a direct dependency.

These example steps provide a fix for a Cross-site Scripting (XSS) Using Non-standard Encodings vulnerability in Express, version 4.1.1 in the example-javascript repository.

To complete this task:

Run this command to edit the package.json file in the root of the project:
```
npm install [email protected] --save
```
Validate the fix.

Did you find this helpful?