3 matches found
CVE-2021-23398
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting XSS via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...
CVE-2021-23398
CVE-2021-23398 affects the React Bootstrap Table package. The vulnerability arises from improper validation of user input in the dataFormat parameter, triggering dangerouslySetInnerHTML when an invalid React element is returned, leading to a cross-site scripting (XSS) risk. Public documents descr...
CVE-2021-23398 Cross-site Scripting (XSS)
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting XSS via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...