2 matches found
vue2-baremetrics-calendar (>=0.1.0 <=1.6.1) potentially affected by CVE-2021-32859 via baremetrics-calendar (=1.0.14)
baremetrics-calendar NPM version =1.0.14 is affected by a known vulnerability. The following packages have a transitive dependency on baremetrics-calendar and may be impacted: - vue2-baremetrics-calendar =0.1.0, =1.6.1 Source cves: CVE-2021-32859 Source advisory: OSV:GHSA-465F-MXXH-GRC4...
Baremetrics calendar 跨站脚本漏洞
calendar is a Baremetrics open source date range selector for Baremetrics. A security vulnerability exists in Baremetrics calendar version 1.0.14 and earlier, which stems from the vulnerability to cross-site scripting XSS attacks when handling untrusted entries, which can be exploited by an...