Vulnerability	Vulnerable Version
L Cross-site Scripting (XSS) vuetify is an a Material Design component framework for Vue.js. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to the improper neutralization of input in the `eventMoreText` property of the `VCalendar` component. An attacker can execute arbitrary script code in the context of the user's browser session by inserting malicious HTML or JavaScript code into this property. How to fix Cross-site Scripting (XSS)? Upgrade `vuetify` to version 3.0.0 or higher.	>=2.0.0 <3.0.0
M Cross-site Scripting (XSS) vuetify is an a Material Design component framework for Vue.js. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization in the 'eventName' function within the `VCalendar` component. How to fix Cross-site Scripting (XSS)? Upgrade `vuetify` to version 2.6.10 or higher.	>=2.0.0-beta.4 <2.6.10

Cross-site Scripting (XSS)

vuetify is an a Material Design component framework for Vue.js.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to the improper neutralization of input in the eventMoreText property of the VCalendar component. An attacker can execute arbitrary script code in the context of the user's browser session by inserting malicious HTML or JavaScript code into this property.

How to fix Cross-site Scripting (XSS)?

Upgrade vuetify to version 3.0.0 or higher.

>=2.0.0 <3.0.0

Cross-site Scripting (XSS)

vuetify is an a Material Design component framework for Vue.js.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization in the 'eventName' function within the VCalendar component.

How to fix Cross-site Scripting (XSS)?

Upgrade vuetify to version 2.6.10 or higher.

>=2.0.0-beta.4 <2.6.10

Go back to all versions of this package