Description
Cross Site Scripting (XSS) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to run arbitrary code via the new component feature in the flexibleLayout plugin.
Remediation
References
https://www.linkedin.com/pulse/xss-nasas-open-mct-v302-visionspace-technologies-ubg4f
Related Vulnerabilities
CVE-2020-7793 Vulnerability in maven package org.webjars.npm:ua-parser-js
CVE-2021-33420 Vulnerability in npm package replicator
CVE-2021-3666 Vulnerability in npm package body-parser-xml
CVE-2020-7726 Vulnerability in npm package safe-object2
CVE-2020-36732 Vulnerability in maven package org.webjars.npm:crypto-js