CVE-2022-3783

Name of the Vulnerable Software and Affected Versions node-red-dashboard versions prior to 3.2.0

Description A cross-site scripting issue has been found in the node-red-dashboard, affecting the ui text Format Handler component, specifically in the file components/ui-component/ui-component-ctrl.js. This issue can be exploited remotely, leading to cross-site scripting. The attack may be initiated remotely.

Recommendations For versions prior to 3.2.0, it is recommended to update to version 3.2.0 or later to fix this issue. As a temporary workaround, consider restricting access to the ui text Format Handler component until a patch is applied.