43 matches found
GHSA-2589-W6XF-983R Cross-site scripting in react-bootstrap-table
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting XSS via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...
Cross-site Scripting in bootstrap-table
This affects all versions of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array instead of a string even if the escape attribute is set...
GHSA-MW6Q-98MP-G8G8 Cross-site Scripting in bootstrap-table
This affects all versions of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array instead of a string even if the escape attribute is set...
dn-bootstrap-table-mobile (=1.0.0) potentially affected by CVE-2021-23472 via bootstrap-table (=1.11.1)
bootstrap-table NPM version =1.11.1 is affected by a known vulnerability. The following packages have a transitive dependency on bootstrap-table and may be impacted: - dn-bootstrap-table-mobile =1.0.0 Source cves: CVE-2021-23472 Source advisory: OSV:GHSA-MW6Q-98MP-G8G8...
Bootstrap-Table has an unspecified vulnerability
Bootstrap-Table is an open source extension table from the individual developers of China Wenzhixin that integrates with some of the most widely used Css frameworks. bootstrap-table has a security vulnerability that stems from improper design or implementation during the development of code for a...
Cross-site Scripting (XSS)
bootstrap-table is vulnerable to cross-site scripting. Lack of input sanitization in the escapeHTML function of index.js allows an attacker to inject and execute malicious javascript even if the escape attribute is set...
CVE-2021-23472
This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array instead of a string even if the escape attribute is set...
CVE-2021-23472
This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array instead of a string even if the escape attribute is set...
UBUNTU-CVE-2021-23472
This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array instead of a string even if the escape attribute is set...
CVE-2021-23472
This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array instead of a string even if the escape attribute is set...
CVE-2021-23472
CVE-2021-23472 affects versions before 1.19.1 of the bootstrap-table package. The vulnerability is a type confusion that can bypass input sanitization when escapeHTML receives an array instead of a string, even if escape is enabled. Several connected sources (NVD, OSV, GHSA) corroborate the exist...
CVE-2021-23472 Cross-site Scripting (XSS)
This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array instead of a string even if the escape attribute is set...
PT-2021-5669 · Unknown · Bootstrap-Table
Name of the Vulnerable Software and Affected Versions: bootstrap-table versions prior to 1.19.1 Description: A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array instead of a string even if the escape attribute is...
Bootstrap-Table 跨站脚本漏洞
Bootstrap-Table is an open source extension table from the individual developers of China Wenzhixin that integrates with some of the most widely used Css frameworks. bootstrap-table has a security vulnerability that stems from improper design or implementation during the development of code for a...
Security Bulletin: Vulnerabilities in Urllib3 and react-bootstrap-table affect IBM Spectrum Discover.
Summary Vulnerabilities in Urllib3 and react-bootstrap-table such as problems on the regular expression cause denial of service, improper validations in parameters and problems related to cross-site scripting, may affect IBM Spectrum Discover. Vulnerability Details CVEID: CVE-2021-33503...
Cross-site Scripting (XSS)
Overview bootstrap-table is an extended table to integration with some of the most widely used CSS frameworks. Supports Bootstrap, Semantic UI, Bulma, Material Design, Foundation, Vue.js. Affected versions of this package are vulnerable to Cross-site Scripting XSS. A type confusion vulnerability...
dn-bootstrap-table-mobile (=1.0.0) potentially affected by CVE-2021-23472 via bootstrap-table (=1.11.1)
bootstrap-table NPM version =1.11.1 is affected by a known vulnerability. The following packages have a transitive dependency on bootstrap-table and may be impacted: - dn-bootstrap-table-mobile =1.0.0 Source cves: CVE-2021-23472 Source advisory: SNYK:JS-BOOTSTRAPTABLE-1657597...
CVE-2021-23398
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting XSS via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...
CVE-2021-23398
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting XSS via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...
CVE-2021-23398
CVE-2021-23398 affects the React Bootstrap Table package. The vulnerability arises from improper validation of user input in the dataFormat parameter, triggering dangerouslySetInnerHTML when an invalid React element is returned, leading to a cross-site scripting (XSS) risk. Public documents descr...