DataTables Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2021-23445 - Vulnerability Database
DataTables Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2021-23445
Medium
Reference:
CVE-2021-23445
Title:
DataTables Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:
This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.