4 matches found
@aqsc/form-making (>=0.0.22 <=0.0.39), @ariesate/are-components (=1.0.1) +78 more potentially affected by CVE-2022-25646 via x-data-spreadsheet (>=1.1.4 <=1.1.9)
x-data-spreadsheet NPM version =1.1.4, =0.0.22, =1.1.0, =1.1.5, =0.0.1, =0.0.1, =0.0.1, =1.0.1, =1.1.6, =0.0.1, =0.0.15 and more Source cves: CVE-2022-25646 Source advisory: OSV:GHSA-X5CW-843F-R366...
CVE-2022-25646 Cross-site Scripting (XSS)
All versions of package x-data-spreadsheet are vulnerable to Cross-site Scripting XSS due to missing sanitization of values inserted into the cells...
CVE-2022-25646
All versions of x-data-spreadsheet are vulnerable to Cross-site Scripting (XSS) due to missing sanitization of values inserted into cells. The vulnerability enables injection and execution of malicious JavaScript in the browser when cell values are rendered. Public sources in the connected set (V...
@aqsc/form-making (>=0.0.22 <=0.0.39), @ariesate/are-components (=1.0.1) +78 more potentially affected by CVE-2022-25646 via x-data-spreadsheet (>=1.1.4 <=1.1.9)
x-data-spreadsheet NPM version =1.1.4, =0.0.22, =1.1.0, =1.1.5, =0.0.1, =0.0.1, =0.0.1, =1.0.1, =1.1.6, =0.0.1, =0.0.15 and more Source cves: CVE-2022-25646 Source advisory: SNYK:JS-XDATASPREADSHEET-2430381...