Filtered by vendor Bootstrap-table
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-1726 | 1 Bootstrap-table | 1 Bootstrap Table | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties. | |||||
CVE-2021-23472 | 1 Bootstrap-table | 1 Bootstrap Table | 2024-11-21 | 4.3 MEDIUM | 3.1 LOW |
This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set. |