Cross-site Scripting (XSS)
Overview dash-core-components is a Core component suite for Dash Affected versions of this package are vulnerable to Cross-site Scripting XSS when the href of the a tag is controlled by an adversary. An authenticated attacker who stores a view that exploits this vulnerability could steal the data...