Esonhugh

#43122 of 53,639
6.1 Total CVSS
Vulnerabilities · 1
PT-2022-18221
6.1
2022-04-25
Unknown · Elements Plus! · CVE-2022-27103
**Name of the Vulnerable Software and Affected Versions**

element-plus versions prior to 2.0.5

**Description**

The issue concerns Cross Site Scripting (XSS) via the `el-table-column` component. Specifically, when the `show-tooltips-overflow` attribute of `el-table-column` is set to true, a mouseover action can cause the text of this column to render as HTML, potentially leading to XSS.

**Recommendations**

For element-plus versions prior to 2.0.5, consider disabling the `show-tooltips-overflow` attribute of `el-table-column` to minimize the risk of exploitation until a patch is available. Restrict access to the `el-table-column` component to prevent potential XSS attacks.