CVE-2022-23458

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in npm/tui-grid

Identifiers

CVE-2022-23458

Package Slug

npm/tui-grid

Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Description

Toast UI Grid is a component to display and edit data. Versions prior to 4.21.3 is vulnerable to cross-site scripting attacks when pasting specially crafted content into editable cells. This issue was fixed in version 4.21.3. There are no known workarounds.

Affected Versions

All versions before 4.21.3

Solution

Upgrade to version 4.21.3 or above.

Last Modified

2022-09-27

source