Vulnerability	Vulnerable Version
L Cross-site Scripting (XSS) datatables.net is a DataTables for jQuery Affected versions of this package are vulnerable to Cross-site Scripting (XSS). If an array is passed to the HTML escape entities function it would not have its contents escaped. How to fix Cross-site Scripting (XSS)? Upgrade `datatables.net` to version 1.11.3 or higher.	<1.11.3
H Prototype Pollution datatables.net is a DataTables for jQuery Affected versions of this package are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. How to fix Prototype Pollution? Upgrade `datatables.net` to version 1.10.23 or higher.	<1.10.23
M Prototype Pollution datatables.net is a DataTables for jQuery Affected versions of this package are vulnerable to Prototype Pollution. POC `The following two files are required to be served by an HTTP server. poc.html: <script src="https://code.jquery.com/jquery-3.5.1.js"></script> <script src="jquery.dataTables.js"></script> <script> $.fn.dataTable.ext.internal._fnSetObjectDataFn('__proto__.foo')({},'polluted'); document.write('foo : ' + foo); </script> jquery.dataTables.js: https://github.com/DataTables/Dist-DataTables/blob/master/js/jquery.dataTables.js` How to fix Prototype Pollution? Upgrade `datatables.net` to version 1.10.22 or higher.	<1.10.22

datatables.net@1.10.18 vulnerabilities

jQuery DataTables