Vaadin · Vaadin-Server · CVE-2019-25028
**Name of the Vulnerable Software and Affected Versions**
com.vaadin:vaadin-server versions 7.4.0 through 7.7.19
com.vaadin:vaadin-server versions 8.0.0 through 8.8.4
**Description**
Missing variable sanitization in the Grid component allows an attacker to inject malicious JavaScript via an unspecified vector.
**Recommendations**
For versions 7.4.0 through 7.7.19, update to a version outside of this range to mitigate the risk.
For versions 8.0.0 through 8.8.4, update to a version outside of this range to mitigate the risk.
As a temporary workaround, consider restricting the use of the Grid component until a patch is available.
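
To find out whether a build resolves an affected release, the version ranges listed above can be checked against the output of `mvn dependency:list`. The script below is an added example, not part of the original advisory or of Vaadin's code. Its function names and sample output are constructed for illustration, and it assumes Maven's usual `group:artifact:type[:classifier]:version:scope` line format.

```python
import re

# Affected ranges exactly as listed in this advisory (inclusive bounds).
AFFECTED = [((7, 4, 0), (7, 7, 19)), ((8, 0, 0), (8, 8, 4))]
TARGET = ("com.vaadin", "vaadin-server")

def parse_version(text):
    """Return (major, minor, patch) from a version string, or None.

    Qualifiers such as '.beta1' or '-SNAPSHOT' are ignored, so a pre-release
    is judged by its numeric part (a conservative assumption of this example).
    """
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    return tuple(int(g or 0) for g in m.groups())

def is_affected(version):
    """True if the version falls inside one of the advisory's ranges."""
    v = parse_version(version)
    return v is not None and any(lo <= v <= hi for lo, hi in AFFECTED)

def scan_dependency_list(output):
    """Scan `mvn dependency:list` output; return affected vaadin-server versions."""
    hits = []
    for line in output.splitlines():
        tokens = line.replace("[INFO]", "").split()
        coords = tokens[0].split(":") if tokens else []
        # Coordinates need at least group, artifact, type, version, scope.
        if len(coords) < 5 or tuple(coords[:2]) != TARGET:
            continue
        version = coords[-2]  # version precedes scope, with or without classifier
        if is_affected(version):
            hits.append(version)
    return hits

# Constructed sample output, not taken from a real project.
SAMPLE = """\
[INFO] The following files have been resolved:
[INFO]    com.vaadin:vaadin-server:jar:8.8.4:compile
[INFO]    com.vaadin:vaadin-shared:jar:8.8.4:compile
[INFO]    org.jsoup:jsoup:jar:1.11.2:compile
"""

if __name__ == "__main__":
    for v in scan_dependency_list(SAMPLE):
        print(f"com.vaadin:vaadin-server {v} is in a range affected by CVE-2019-25028")
```

Running the check on each module of a multi-module build also catches transitive copies of vaadin-server pulled in by other dependencies.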