EPSS
Percentile
21.4%
vditor does not filter user input in SVG events, leading to XSS
</a> <svg><animate onbegin=alert(11) attributeName=x dur=1s>
github.com/vanessa219/vditor
github.com/vanessa219/vditor/commit/8d4d0889dd72b2f839e93a49db3da3a370416c7d
github.com/Vanessa219/vditor/issues/1133
huntr.dev/bounties/67b980af-7357-4879-9448-a926c6474225
nvd.nist.gov/vuln/detail/CVE-2021-4103