Description
Cross Site Scripting (XSS) vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 1.5.0
References
Related Issues
- Cross Site Scripting vulnerability in store2 - CVE-2024-57556
- Bootstrap Cross-site Scripting vulnerability - CVE-2016-10735
- protobufjs Prototype Pollution vulnerability - CVE-2023-36665
- chromedriver Command Injection vulnerability - CVE-2023-26156
- Tags:
- npm
- editor.md
Anything's wrong? Let us know Last updated on November 07, 2023