CVE-2026-32712

Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Prior to 3.4.3, a Stored Cross-Site Scripting XSS vulnerability exists in the Daily Sales management table. The customername column is configured with escape: false in the bootstrap-tabl...

CVE-2026-32712

Open Source Point of Sale (OSPOS) has a Stored XSS vulnerability in the Daily Sales page prior to version 3.4.3. The issue arises from the customer_name field being configured with escape: false in the bootstrap-table setup, causing customer names to render as raw HTML. With customer management p...

Security Bulletin: IBM Edge Data Collector uses bootstrap-table-1.18.1.min.js, bootstrap-table-1.18.2.min.js, bootstrap-table-export-1.18.2.min.js which are vulnerable to CVE-2022-1726, CVE-2021-23472.

Summary IBM Edge Data Collector uses bootstrap-table-1.18.1.min.js, bootstrap-table-1.18.2.min.js, bootstrap-table-export-1.18.2.min.js which are vulnerable to CVE-2022-1726, CVE-2021-23472. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

EUVD-2021-2417

Malware in sbrugna...

EUVD-2021-2370

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-23472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provide...

Linux Distros Unpatched Vulnerability : CVE-2022-1726

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to...

Cross-Site Scripting (XSS)

bootstrap-table is vulnerable to cross-site scripting. The vulnerability exists in onCellHtmlData when the exportOptions is set to true which allows an attacker to inject and execute maliciously crafted script...

dn-bootstrap-table-mobile (=1.0.0) potentially affected by CVE-2022-1726 via bootstrap-table (=1.11.1)

bootstrap-table NPM version =1.11.1 is affected by a known vulnerability. The following packages have a transitive dependency on bootstrap-table and may be impacted: - dn-bootstrap-table-mobile =1.0.0 Source cves: CVE-2022-1726 Source advisory: OSV:GHSA-GRW5-G9H2-WPG8...

Cross-site Scripting in bootstrap-table

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

DEBIAN-CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

UBUNTU-CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

CVE-2022-1726

CVE-2022-1726 is a cross-site scripting vulnerability in the Bootstrap Table project when using the Table Export plug-in with exportOptions: htmlContent enabled, in versions prior to 1.20.2. The issue affects the Bootstrap Table code path (wenzhixin/bootstrap-table) and is disclosed as capable of...

CVE-2022-1726 Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in wenzhixin/bootstrap-table

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

Bootstrap-Table 跨站脚本漏洞

Bootstrap-Table is an open source extension table integrated with some of the most widely used Css frameworks by individual developers at Wenzhixin. A security vulnerability exists in Bootstrap-Table versions prior to 1.20.2. An attacker could exploit this vulnerability to disclose session cookie...

The vulnerability of the escapeHTML function in the Bootstrap Table software allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the escapeHTML function in the Bootstrap Table software lies in errors related to data type mixing. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the confidentiality and integrity of the protected information...

192.168.0.172 (=4.6.1), @attivio/suit (>=0.0.47 <=1.0.7) +76 more potentially affected by CVE-2021-23398 via react-bootstrap-table (>=1.6.2 <=4.3.1)

react-bootstrap-table NPM version =1.6.2, =0.0.47, =1.0.0, =0.3.1, =0.1.1, =1.21.0, =0.15.0-beta-1, =0.0.1, =1.14.3, =1.0.1, =1.0.70 and more Source cves: CVE-2021-23398 Source advisory: OSV:GHSA-2589-W6XF-983R...

Cross-site scripting in react-bootstrap-table

All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting XSS via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...