GHSA-hgr5-82rc-p936

Опубликовано: 01 сент. 2020

Источник: github

Github: Прошло ревью

Описание

Cross-Site Scripting in md-data-table

All versions of md-data-table are vulnerable to cross-site scripting (XSS). This vulnerability is exploitable if an attacker has control over data that is rendered by mdt-row

Recommendation

As there is no fix for this vulnerability at this time we recommend either selecting another package to perform this functionality or properly sanitizing all user data prior to rendering with md-data-table

Ссылки

https://www.npmjs.com/advisories/748

Пакеты

Наименование

md-data-table

npm

Затронутые версииВерсия исправления

>= 0.0.0

Отсутствует

Дефекты

CWE-79

Дефекты

CWE-79