Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Cross-site Scripting (XSS) vulnerabilities in an interactive lesson.
Start learningUpgrade bootstrap-vue
to version 2.0.0-rc.12 or higher.
bootstrap-vue provides one of the most comprehensive implementations of Bootstrap 4 components and grid system for Vue.js and with extensive and automated WAI-ARIA accessibility markup.
Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Insufficient input sanitisation and escaping may lead to the execution of malicious JavaScript on the user's browser.