Description
SummerNote 0.8.18 is vulnerable to Cross Site Scripting (XSS) via the Code View Function.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 0.8.20
References
Related Issues
- seajs Cross-site Scripting vulnerability - CVE-2024-51091
- @urql/next Cross-site Scripting vulnerability - CVE-2024-24556
- Stimulsoft Dashboard.JS Cross Site Scripting vulnerability - CVE-2024-24396
- vue-i18n has cross-site scripting vulnerability with prototype pollution (GHSA-9r9m-ffp6-9x4v) 2 - CVE-2024-52809
- Tags:
- npm
- summernote
Anything's wrong? Let us know Last updated on June 12, 2024