rollout-ui is vulnerable to Cross-site Scripting (XSS). The vulnerability exists because the feature’s name attribute in the library does not properly escape in the Do you really want to delete
confirmation dialogue when the user clicks Delete
, which allows an attacker to inject and execute malicious JavaScript via maliciously crafted URL
CPE | Name | Operator | Version |
---|---|---|---|
rollout-ui | le | 0.5.2 | |
rollout-ui | le | 0.5.2 |