RSS   Vulnerabilities for 'React-bootstrap-table'   RSS

2021-06-24
 
CVE-2021-23398

CWE-79
 

 
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting (XSS) via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output.

 


Copyright 2024, cxsecurity.com

 

Back to Top