Vulnerabilities

CVE-2021-23472

by Fred · 03/11/2021

This affects all versions of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set.

Date published : 2021-11-03

https://github.com/wenzhixin/bootstrap-table/blob/develop/src/utils/index.js%23L218

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1910690

Similar

Tags: Cybersecurity Alert