Описание
Cross-Site Scripting in fomantic-ui
Versions of fomantic-ui are vulnerable to Cross-Site Scripting. Lack of output encoding on the selection dropdowns can lead to user input being executed instead of printed as text.
Recommendation
Upgrade to version 2.7.0 or later.
Пакеты
Наименование
fomantic-ui
npm
Затронутые версииВерсия исправления
< 2.7.0
2.7.0
Дефекты
CWE-79
Дефекты
CWE-79