Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-88814
HistorySep 28, 2022 - 12:00 a.m.

Jodit Editor Cross-Site Scripting Vulnerability

2022-09-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
cross-site scripting
jodit editor
vulnerability
filtering
escaping
user-supplied data
attack

EPSS

0.001

Percentile

34.0%

A cross-site scripting vulnerability exists in Jodit Editor 3.0.0 and later, and 3.20.4 and earlier, due to a lack of effective filtering and escaping of user-supplied data when pasting specially constructed input. An attacker could use this vulnerability to launch a cross-site scripting attack.

EPSS

0.001

Percentile

34.0%