Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-4943-9VGG-GR5R
HistoryMay 10, 2021 - 3:38 p.m.

Cross-site Scripting in quill

2021-05-1015:38:12
Google
osv.dev
59
cross-site scripting
html editor
slab quill
vulnerability
arbitrary javascript
xss payload
img element
patch
cve
disputed
researchers
intended behavior
web browser

EPSS

0.001

Percentile

47.7%

JSON

A vulnerability in the HTML editor of Slab Quill allows an attacker to execute arbitrary JavaScript by storing an XSS payload (a crafted onloadstart attribute of an IMG element) in a text field. No patch exists and no further releases are planned.

This CVE is disputed. Researchers have claimed that this issue is not within the product itself, but is intended behavior in a web browser. More information can be found here.

Related

prion 1
vulnrichment 1
nodejs 1
nvd 1
cve 1
github 1
cvelist 1
prion
prion
Design/Logic Flaw
2021-04-12 21:15:00
vulnrichment
vulnrichment
CVE-2021-3163
2021-04-12 20:35:07
nodejs
nodejs
Cross-Site Scripting
2021-05-10 15:38:40
nvd
nvd
CVE-2021-3163
2021-04-12 21:15:14
cve
cve
CVE-2021-3163
2021-04-12 21:15:14
github
github
Cross-site Scripting in quill
2021-05-10 15:38:12
cvelist
cvelist
CVE-2021-3163
2021-04-12 20:35:07

EPSS

0.001

Percentile

47.7%

JSON
Related for OSV:GHSA-4943-9VGG-GR5R
prion1vulnrichment1nodejs1nvd1cve1github1cvelist1