Vulnerability Details CVE-2022-27103
element-plus 2.0.5 is vulnerable to Cross Site Scripting (XSS) via el-table-column.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://github.com/asjdf/element-table-xss-test/
- https://github.com/asjdf/element-table-xss-test/issues/1
- https://github.com/element-plus/element-plus/issues/6514
- https://github.com/asjdf/element-table-xss-test/
- https://github.com/asjdf/element-table-xss-test/issues/1
- https://github.com/element-plus/element-plus/issues/6514
Products affected by CVE-2022-27103
-
cpe:2.3:a:element-plus:element-plus:2.0.5