Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in wenzhixin/bootstrap-table
Description
Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third parties.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Bootstrap Tables before 1.20.2 has an XSS vulnerability via the Table Export plugin when exportOptions.htmlContent is true, allowing session cookie theft and data exfiltration.
Vulnerability
Bootstrap Tables prior to version 1.20.2 contains a cross-site scripting (XSS) vulnerability in the Table Export plugin. When the configuration option exportOptions.htmlContent is set to true, the plugin does not properly sanitize HTML content in exported tables, potentially leading to XSS attacks [1]. This affects all versions before the fix was released.
Exploitation
An attacker can inject malicious JavaScript into table cell content. When a user exports the table (e.g., to Excel) with htmlContent: true, the injected script executes in the context of the user's browser. The attacker needs the ability to insert data into the table (e.g., via stored XSS in a web application using Bootstrap Tables). The victim must trigger the export action.
Impact
Successful exploitation can lead to disclosure of session cookies, theft of secure session data, and exfiltration of sensitive information to third parties. The attacker can perform actions on behalf of the victim within the affected application.
Mitigation
The vulnerability is fixed in Bootstrap Tables version 1.20.2 (commit b4a1e5d) [3]. Users should upgrade to version 1.20.2 or later. As a workaround, set exportOptions.htmlContent to false, or avoid using the export plugin with untrusted data. This CVE is not listed in the CISA KEV catalog.
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| bootstrap-table (npm) | < 1.20.2 | 1.20.2 |
Affected products
- wenzhixin/bootstrap-table (v5), range: unspecified
Patches
b4a1e5dd332b: Fixed XSS vulnerability bug by onCellHtmlData
1 file changed · +4 −16
src/extensions/export/bootstrap-table-export.js+4 −16 modified@@ -23,15 +23,7 @@ $.extend($.fn.bootstrapTable.defaults, { showExport: false, exportDataType: 'basic', // basic, all, selected exportTypes: ['json', 'xml', 'csv', 'txt', 'sql', 'excel'], - exportOptions: { - onCellHtmlData (cell, rowIndex, colIndex, htmlData) { - if (cell.is('th')) { - return cell.find('.th-inner').text() - } - - return htmlData - } - }, + exportOptions: {}, exportFooter: false }) @@ -162,13 +154,9 @@ $.BootstrapTable = class extends $.BootstrapTable { $exportButtons.click(e => { e.preventDefault() - const type = $(e.currentTarget).data('type') - const exportOptions = { - type, - escape: false - } - - this.exportTable(exportOptions) + this.exportTable({ + type: $(e.currentTarget).data('type') + }) }) this.handleToolbar() }
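Review bot: in the defaults hunk (`@@ -23,15 +23,7 @@`), dropping the default `onCellHtmlData` handler silently changes what header cells export: the old handler returned `cell.find('.th-inner').text()` for `th` cells, so headers were exported as plain text without the `.th-inner` wrapper or any sort/filter markup inside it, and with `exportOptions: {}` that trimming no longer happens. Consider keeping a text-only header handler or calling out the header-output change in the changelog, since users who relied on clean header text will see different exports after upgrading.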
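Review bot: in the click-handler hunk (`@@ -162,13 +154,9 @@`), the security-relevant change is that `escape: false` is no longer forced into the options passed to `this.exportTable(...)`, but the hunk does not say what value `escape` now takes; it relies on the export library's default and on whatever the caller supplies in `exportOptions`. An explicit safe default (for example `escape: true` alongside `type`) or a one-line comment stating that `escape` must not be forced off would make the intent visible and stop a later refactor from reintroducing `escape: false`. The advisory's trigger, `exportOptions.htmlContent: true`, is still user-selectable after this change, so the documentation should keep the workaround of leaving `htmlContent` off for untrusted data.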
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
[1] github.com/advisories/GHSA-grw5-g9h2-wpg8 (GHSA advisory)
[2] nvd.nist.gov/vuln/detail/CVE-2022-1726 (NVD)
[3] github.com/wenzhixin/bootstrap-table/commit/b4a1e5dd332be652e0bc376fd9256886cf4bbde9 (fix commit)
[4] huntr.dev/bounties/9b85cc33-0395-4c31-8a42-3a94beb2efea (huntr report)
News mentions
No linked articles in our index yet.