A cross-site scripting vulnerability exists in Jodit Editor 3.0.0 and later, and 3.20.4 and earlier, due to a lack of effective filtering and escaping of user-supplied data when pasting specially constructed input. An attacker could use this vulnerability to launch a cross-site scripting attack.