0.001 Low
EPSS
Percentile
34.0%
Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert in a TEXTAREA element, as demonstrated by Firefox 54.0.1.
svg/onload=alert
github.com/Heartway/simditor
github.com/Heartway/simditor/blob/master/simditor.docx
nvd.nist.gov/vuln/detail/CVE-2018-6464