Vaadin-grid-flow is vulnerable to information disclosure. The vulnerability exists in treegrid component due to the use of a numeric incremental id as a key for grid items on client side which allows an attacker to get access to sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
vaadin grid | le | 22.0.14 | |
vaadin grid | le | 14.8.9 | |
vaadin grid | le | 23.0.8 | |
vaadin grid | le | 22.0.14 | |
vaadin grid | le | 14.8.9 | |
vaadin grid | le | 23.0.8 |