tui-grid

vulnerability cross-site scripting (xss)
severity 8.2
language typescript
registry npm

✍️ Description

tui.grid is vulnerable to Cross-Site Scripting (XSS)..

🕵️‍♂️ Proof of Concept

Open any example https://nhn.github.io/tui.grid/latest/tutorial-example03-custom-editor
Edit any name filed with:-  ss'<img src=x onerror=alert(1)> 
XSS payload will get executed.

💥 Impact

Cross-Site Scripting (XSS)