Cross-Site Scripting in md-data-table

Severity:: High

Description

All versions of md-data-table are vulnerable to cross-site scripting (XSS). This vulnerability is exploitable if an attacker has control over data that is rendered by mdt-row

Recommendation

No fix is available yet. Followings are affected versions:

>= 0.0.0

References

GHSA-hgr5-82rc-p936
www.npmjs.com
CWE-79
OWASP 2021-A3

Related Issues

PrismJS DOM Clobbering vulnerability - CVE-2024-53382
Server-Side Request Forgery in axios - CVE-2024-39338
DOS by abusing `fetchOptions.retry`. - CVE-2023-49800
Prototype Pollution in querystringify - Vulnerability

Tags:: npm; md-data-table

Anything's wrong? Let us know Last updated on January 09, 2023

Cross-Site Scripting in md-data-table

Description

Recommendation

References

Related Issues

This issue is available in SmartScanner Professional