Lucene search
GoogleOSV:GHSA-QCG2-H349-VWM3HistoryMay 06, 2021 - 3:52 p.m.
Cross-site Scripting in React Draft Wysiwyg
2021-05-0615:52:35
Google
osv.dev
36
EPSS
0.001
Percentile
26.4%
react-draft-wysiwyg (aka React Draft Wysiwyg) before 1.14.6 allows a javascript: URi in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to XSS.
Related
cve
cve
CVE-2021-31712
2021-04-24 21:15:07
github
github
Cross-site Scripting in React Draft Wysiwyg
2021-05-06 15:52:35
osv
osv
CVE-2021-31712
2021-04-24 21:15:07
nodejs
nodejs
Cross-Site Scripting
2021-05-06 15:53:49
nvd
nvd
CVE-2021-31712
2021-04-24 21:15:07
cvelist
cvelist
CVE-2021-31712
2021-04-24 20:56:59
veracode
veracode
Cross-Site Scripting (XSS)
2021-05-08 09:15:10
prion
prion
Cross site scripting
2021-04-24 21:15:00