CVE-2021-23445
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in npm/datatables.net
Identifiers
CVE-2021-23445
Package Slug
npm/datatables.net
Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description
This affects the package datatables.net If an array is passed to the HTML escape entities function it would not have its contents escaped.
Affected Versions
All versions before 1.11.3
Solution
Upgrade to version 1.11.3 or above.
Last Modified
2021-10-13
| source |