vue-json-tree-view
vue-json-tree-view copied to clipboard
XSS injection risk
Hi,
I want to raise a potential security risk with the use of the package.
When showing json, if a json key contains HTML (ex: ), the expression is executed.
This makes it vulnerable to XSS injections.
In my opinion this should be solved by some sort of sanitization or strong warning in the documentation.
Kind regards