nextcloud-vue-collections prior to 0.4.2 are vulnerable to Cross-Site Scripting (XSS). The
v-tooltip component has an insecure
Upgrade to version 0.4.2 or later.
publishedAdvisory PublishedDec 19th, 2019
reportedReported by Julius HärtlDec 19th, 2019