Description
SummerNote 0.8.18 is vulnerable to Cross Site Scripting (XSS) via the Code View Function.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 0.8.20
References
Related Issues
- RSSHub Cross-site Scripting vulnerability caused by internal media proxy - CVE-2024-27926
- Bootstrap Cross-Site Scripting (XSS) vulnerability - CVE-2024-6531
- seajs Cross-site Scripting vulnerability - CVE-2024-51091
- @urql/next Cross-site Scripting vulnerability - CVE-2024-24556
- Tags:
- npm
- summernote
Anything's wrong? Let us know Last updated on June 12, 2024