HTML Injection and Data Exfiltration Vulnerability in Bootstrap Table Export Plug-in

HTML Injection and Data Exfiltration Vulnerability in Bootstrap Table Export Plug-in

CVE-2022-1726 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties.

Learn more about our Web Application Penetration Testing UK.