CVE-2023-1001 | xuliangzhan vxe-table up to 3.7.9 vxe-textarea textarea.js export inputValue cross site scripting (I8O21R)

Inserito da Angelo Barbosa | Mag 24, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to cross site scripting.

The identification of this vulnerability is CVE-2023-1001. The attack may be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2023-1001 | xuliangzhan vxe-table up to 3.7.9 vxe-textarea textarea.js export inputValue cross site scripting (I8O21R)

Post correlati

CVE-2024-24712 | Heateor Social Login Plugin up to 1.1.30 on WordPress Shortcode cross site scripting

CVE-2024-32454 | Wappointment Appointment Bookings for Zoom GoogleMeet and more Plugin server-side request forgery

CVE-2024-23290 | Apple iOS/iPadOS access control

CVE-2024-20254 | Cisco TelePresence Video Communication Server Expressway cross-site request forgery (cisco-sa-expressway-csrf-KnnZDMj3)