MAL-2024-11260 Malicious code in @bytedanc-ad/market-ui-vue2 (npm)

--- -= Per source details. Do not edit below this line.=-...

GHSA-G3CH-RX76-35FX vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS)

A vulnerability has been discovered in vue-template-compiler, that allows an attacker to perform XSS via prototype pollution. The attacker could change the prototype chain of some properties such as Object.prototype.staticClass or Object.prototype.staticStyle to execute arbitrary JavaScript code...