VYPR

Flow Components

by Vaadin

Source repositories

CVEs (1)

  • CVE-2025-15022MedJan 5, 2026
    risk 0.24cvss epss 0.00

    Action captions in Vaadin accept HTML by default but were not sanitized, potentially allowing Cross-site Scripting (XSS) if caption content is derived from user input. In Vaadin Framework 7 and 8, the Action class is a general-purpose class that may be used by multiple…