Wenzhixin

**Name of the Vulnerable Software and Affected Versions** bootstrap-table versions prior to 1.20.2 **Description** The issue allows for a XSS vulnerability with the Table Export plug-in when `exportOptions: htmlContent` is set to true. This can lead to disclosing session cookies, disclosing secure session data, and exfiltrating data to third-parties. **Recommendations** For versions prior to 1.20.2, update to version 1.20.2 or later to resolve the issue. As a temporary workaround, consider setting `exportOptions: htmlContent` to false until a patch is applied. Restrict access to the Table Export plug-in to minimize the risk of exploitation.