Vuetify · Vuetify · CVE-2022-25873
**Name of the Vulnerable Software and Affected Versions**
vuetify versions 2.0.0-beta.4 through 2.6.10
**Description**
The issue is related to Cross-site Scripting (XSS) due to improper input sanitization in the `eventName` function within the VCalendar component. This allows for potential malicious script execution.
**Recommendations**
For versions 2.0.0-beta.4 through 2.6.10, update to version 2.6.10 or later to resolve the issue.
As a temporary workaround, consider disabling the `eventName` function within the VCalendar component until a patch is available.