Cross-Site Scripting (XSS)

tui-grid is vulnerable to cross-site scripting. The vulnerability exists in multiple functions of default.ts and clipboard.tsx because the inputs are not properly sanitized which allows an attacker to inject and execute arbitrary javascript...

@7polo/editorjs-table (=1.4.12), @ariesate/are-components (=1.0.1) +21 more potentially affected by CVE-2022-23458 via tui-grid (>=3.3.1 <=4.21.22)

tui-grid NPM version =3.3.1, =2.0.0, =0.0.1, =1.0.1, =1.1.6, =0.0.1, =1.0.0, =1.0.0, =1.0.5-beta.1, =0.0.0, =1.0.4, =1.0.1, =1.0.12, =1.0.20 and more Source cves: CVE-2022-23458 Source advisory: OSV:GHSA-9RWJ-9J2H-FHVM...