Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Missing output sanitization in test sources in vaadin-menu-bar allows remote attackers to execute malicious JavaScript in browser by opening crafted URL
Advisories for Npm/@Vaadin/Vaadin-Menu-Bar package
2021