5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
28.6%
xhEditor 1.2.2 allows XSS via JavaScript code in the SRC attribute of an IFRAME element within the editor’s source-code view.
github.com/yaniswang/xhEditor/issues/37