Description
SummerNote 0.8.18 is vulnerable to Cross Site Scripting (XSS) via the Code View Function.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 0.8.20
References
Related Issues
- Bootstrap Cross-Site Scripting (XSS) vulnerability for data-* attributes - CVE-2024-6485
- Cross Site Scripting vulnerability in store2 - CVE-2024-57556
- vue-i18n has cross-site scripting vulnerability with prototype pollution - CVE-2024-52809
- vue-i18n has cross-site scripting vulnerability with prototype pollution - vue-i18n - CVE-2024-52809
You might also like:
- Tags:
- npm
- summernote
Anything's wrong? Let us know Last updated on June 12, 2024