Cross-site Scripting (XSS)
Overview nocodb is a NocoDB Affected versions of this package are vulnerable to Cross-site Scripting XSS via the CommentsService component, which uses v-html without proper sanitization. An attacker can execute arbitrary JavaScript code in the context of a user's browser by submitting crafted inp...