Описание
vue-i18n is an internationalization plugin for Vue.js. In affected versions vue-i18n can be passed locale messages to createI18n or useI18n. When locale message ASTs are generated in development mode there is a possibility of Cross-site Scripting attack. This issue has been addressed in versions 9.14.2, and 10.0.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
EPSS
Процентиль: 28%
0.00098
Низкий
Дефекты
CWE-79
Связанные уязвимости
github
около 1 года назад
vue-i18n has cross-site scripting vulnerability with prototype pollution
EPSS
Процентиль: 28%
0.00098
Низкий
Дефекты
CWE-79