Autogen Studio - PrismJS DOM Clobbering vulnerability

### What happened?

**Describe the bug**
Dependabot vulnerability: https://github.com/microsoft/autogen/security/dependabot/36 

Package
Affected versions
Patched version
prismjs
(npm)
<= 1.29.0
None
Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.

### Which packages was the bug in?

AutoGen Studio (autogensudio)

### AutoGen library version.

Python dev (main branch)

### Other library version.

_No response_

### Model used

_No response_

### Model provider

None

### Other model provider

_No response_

### Python version

None

### .NET version

None

### Operating system

None

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Autogen Studio - PrismJS DOM Clobbering vulnerability #5823

What happened?

Which packages was the bug in?

AutoGen library version.

Other library version.

Model used

Model provider

Other model provider

Python version

.NET version

Operating system

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Autogen Studio - PrismJS DOM Clobbering vulnerability #5823

Description

What happened?

Which packages was the bug in?

AutoGen library version.

Other library version.

Model used

Model provider

Other model provider

Python version

.NET version

Operating system

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions