Skip to content

[Bug Report][2.6.9] xss in v-calendar #15757

New issue
Jump to bottom
New issue
Jump to bottom
Closed
Closed
[Bug Report][2.6.9] xss in v-calendar#15757
Assignees
KaelWD
Labels
C: VCalendarP: highThe issue is of high importanceT: bugFunctionality that does not work as intended/expected
Milestone
 
v2.6.x
@5v3n-08

Description

@5v3n-08
5v3n-08
opened on Sep 8, 2022

Environment

Vuetify Version: 2.6.9
Vue Version: 2.6.14
Browsers: Chrome 105.0.0.0
OS: Mac OS 10.15.7

Steps to reproduce

Open the link and see the alert with xss.

Expected Behavior

Not use plain html

Actual Behavior

html is used and open an alert

Reproduction Link

https://codepen.io/5v3n-08/pen/MWGKEjY

Other comments

Only work if this property is set
:event-name="getCalendarEventName"

Metadata

Assignees

Labels

C: VCalendarP: highThe issue is of high importanceT: bugFunctionality that does not work as intended/expected

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions