2 matches found
CVE-2024-27103
Querybook is a Big Data Querying UI. When a user searches for their queries, datadocs, tables and lists, the search result is marked and highlighted, and this feature uses dangerouslySetInnerHTML which means that if the highlighted result has an XSS payload it will trigger. While the input to...
CVE-2024-27103
Querybook (Big Data Querying UI) is affected by a stored XSS vulnerability (CVE-2024-27103) arising from unsanitized input passed to dangerouslySetInnerHTML during search result highlighting and in the query auto-suggestion feature. The issue is triggered when highlighted results or suggested tab...