Description
Cross Site Scripting (XSS) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to run arbitrary code via the new component feature in the flexibleLayout plugin.
Remediation
References
https://www.linkedin.com/pulse/xss-nasas-open-mct-v302-visionspace-technologies-ubg4f
Related Vulnerabilities
CVE-2020-12265 Vulnerability in npm package decompress
CVE-2021-21363 Vulnerability in maven package io.swagger:swagger-generator
CVE-2023-34235 Vulnerability in npm package @strapi/database
CVE-2021-23558 Vulnerability in npm package bmoor
CVE-2021-32827 Vulnerability in maven package org.mock-server:mockserver-core