CVE-2026-32712

Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Prior to 3.4.3, a Stored Cross-Site Scripting XSS vulnerability exists in the Daily Sales management table. The customername column is configured with escape: false in the bootstrap-tabl...

CVE-2026-32712

Open Source Point of Sale (OSPOS) has a Stored XSS vulnerability in the Daily Sales page prior to version 3.4.3. The issue arises from the customer_name field being configured with escape: false in the bootstrap-table setup, causing customer names to render as raw HTML. With customer management p...

Security Bulletin: IBM Edge Data Collector uses bootstrap-table-1.18.1.min.js, bootstrap-table-1.18.2.min.js, bootstrap-table-export-1.18.2.min.js which are vulnerable to CVE-2022-1726, CVE-2021-23472.

Summary IBM Edge Data Collector uses bootstrap-table-1.18.1.min.js, bootstrap-table-1.18.2.min.js, bootstrap-table-export-1.18.2.min.js which are vulnerable to CVE-2022-1726, CVE-2021-23472. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

EUVD-2021-2417

Malware in sbrugna...

EUVD-2021-2370

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-23472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provide...

Linux Distros Unpatched Vulnerability : CVE-2022-1726

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to...

Cross-Site Scripting (XSS)

bootstrap-table is vulnerable to cross-site scripting. The vulnerability exists in onCellHtmlData when the exportOptions is set to true which allows an attacker to inject and execute maliciously crafted script...

dn-bootstrap-table-mobile (=1.0.0) potentially affected by CVE-2022-1726 via bootstrap-table (=1.11.1)

bootstrap-table NPM version =1.11.1 is affected by a known vulnerability. The following packages have a transitive dependency on bootstrap-table and may be impacted: - dn-bootstrap-table-mobile =1.0.0 Source cves: CVE-2022-1726 Source advisory: OSV:GHSA-GRW5-G9H2-WPG8...

Cross-site Scripting in bootstrap-table

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

DEBIAN-CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

UBUNTU-CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

CVE-2022-1726

CVE-2022-1726 is a cross-site scripting vulnerability in the Bootstrap Table project when using the Table Export plug-in with exportOptions: htmlContent enabled, in versions prior to 1.20.2. The issue affects the Bootstrap Table code path (wenzhixin/bootstrap-table) and is disclosed as capable of...

CVE-2022-1726 Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in wenzhixin/bootstrap-table

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

Bootstrap-Table 跨站脚本漏洞

Bootstrap-Table is an open source extension table integrated with some of the most widely used Css frameworks by individual developers at Wenzhixin. A security vulnerability exists in Bootstrap-Table versions prior to 1.20.2. An attacker could exploit this vulnerability to disclose session cookie...

Cross-site scripting in react-bootstrap-table

All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting XSS via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...

192.168.0.172 (=4.6.1), @attivio/suit (>=0.0.47 <=1.0.7) +76 more potentially affected by CVE-2021-23398 via react-bootstrap-table (>=1.6.2 <=4.3.1)

react-bootstrap-table NPM version =1.6.2, =0.0.47, =1.0.0, =0.3.1, =0.1.1, =1.21.0, =0.15.0-beta-1, =0.0.1, =1.14.3, =1.0.1, =1.0.70 and more Source cves: CVE-2021-23398 Source advisory: OSV:GHSA-2589-W6XF-983R...

GHSA-2589-W6XF-983R Cross-site scripting in react-bootstrap-table

All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting XSS via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...

GHSA-MW6Q-98MP-G8G8 Cross-site Scripting in bootstrap-table

This affects all versions of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array instead of a string even if the escape attribute is set...