Описание
Layui cross-site scripting (XSS) vulnerability
layui up to v2.74 was discovered to contain a cross-site scripting (XSS) vulnerability via the data-content parameter.
Пакеты
Наименование
layui
npm
Затронутые версииВерсия исправления
<= 2.7.4
2.7.5
Связанные уязвимости
CVSS3: 5.4
nvd
около 2 лет назад
layui up to v2.74 was discovered to contain a cross-site scripting (XSS) vulnerability via the data-content parameter.