Qwik has a potential mXSS vulnerability due to improper HTML escaping
A potential mXSS vulnerability exists in Qwik for versions up to 1.6.0.
Advisories for Npm/@Builder.io/Qwik package
2024
2023
Improper Control of Generation of Code ('Code Injection')
Code Injection in GitHub repository builderio/qwik prior to 0.21.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Generic in GitHub repository builderio/qwik prior to 0.1.0-beta5.