A vulnerability has been discovered in Vue, that allows an attacker to perform XSS via prototype pollution. The attacker could change the prototype chain of some properties such as `Object.prototype.staticClass` or `Object.prototype.staticStyle` to execute arbitrary JavaScript code.
https://github.com/advisories/GHSA-g3ch-rx76-35fx
https://www.herodevs.com/vulnerability-directory/cve-2024-6783---vue-client-side-xss
https://www.herodevs.com/vulnerability-directory/cve-2024-6783