11 matches found
EUVD-2022-1825
Malicious code in bioql PyPI...
CVE-2022-27103
element-plus 2.0.5 is vulnerable to Cross Site Scripting XSS via el-table-column...
Cross-site Scripting (XSS)
element-plus is vulnerable to cross-site scriptingXSS attacks. The library does not properly sanitize the popperContent parameter in renderContent function, allowing an attacker to inject and execute malicious javascript via el-table-column...
element-plus vulnerable to cross-site scripting (XSS) via el-table-column
element-plus below 2.0.5 is vulnerable to Cross Site Scripting XSS when attribute show-tooltips-overflow of el-table-column is true. The mouseover action will make the text of this column render as html...
GHSA-RJVG-8V36-XV9R element-plus vulnerable to cross-site scripting (XSS) via el-table-column
element-plus below 2.0.5 is vulnerable to Cross Site Scripting XSS when attribute show-tooltips-overflow of el-table-column is true. The mouseover action will make the text of this column render as html...
CVE-2022-27103
element-plus 2.0.5 is vulnerable to Cross Site Scripting XSS via el-table-column...
CVE-2022-27103
element-plus 2.0.5 is vulnerable to Cross Site Scripting XSS via el-table-column...
CVE-2022-27103
element-plus 2.0.5 is vulnerable to Cross Site Scripting XSS via el-table-column...
CVE-2022-27103
element-plus 2.0.5 is vulnerable to Cross Site Scripting XSS via el-table-column...
CVE-2022-27103
CVE-2022-27103 affects element-plus 2.0.5, with a Cross Site Scripting (XSS) flaw exposed through el-table-column. The root cause described in the included records is inadequate sanitization/filtering of el-table-column content, allowing injected script execution. Multiple sources (CNNVD citing l...
Element Plus 跨站脚本漏洞
Element Plus is an open source Vue.js 3 UI library from the China Element Plus organization. A cross-site scripting vulnerability exists in Element Plus version 2.0.5, which stems from a lack of filtering and escaping of el-table-column in the application...