Vulnerabilities/

Simditor XSS Vulnerability

Severity:
Medium

Description

Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert in a TEXTAREA element, as demonstrated by Firefox 54.0.1.

Recommendation

No fix is available yet. Followings are affected versions:

References

Related Issues

Tags:
npm
simditor
Anything's wrong? Let us know Last updated on October 06, 2023

This issue is available in SmartScanner Professional

See Pricing