Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Bootstrap Table Access of Resource Using Incompatible Type (Type Confusion) Vulnerability - CVE-2021-23472 - Vulnerability Database
Bootstrap Table

Bootstrap Table Access of Resource Using Incompatible Type (Type Confusion) Vulnerability - CVE-2021-23472

Medium
Reference: CVE-2021-23472
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-23472
Title: Bootstrap Table Access of Resource Using Incompatible Type (Type Confusion) Vulnerability
Overview:

This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set.