DataTables Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2021-23445 - Vulnerability Database

DataTables

DataTables Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2021-23445

Medium

Reference: CVE-2021-23445

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-23445

Title: DataTables Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.