Lucene search
GoogleOSV:GHSA-QCG2-H349-VWM3HistoryMay 06, 2021 - 3:52 p.m.
Cross-site Scripting in React Draft Wysiwyg
2021-05-0615:52:35
Google
osv.dev
35
0.001 Low
EPSS
Percentile
26.4%
react-draft-wysiwyg (aka React Draft Wysiwyg) before 1.14.6 allows a javascript: URi in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to XSS.
| CPE | Name | Operator | Version |
|---|---|---|---|
| react-draft-wysiwyg | lt | 1.14.6 |
Related
nodejs
nodejs
Cross-Site Scripting
2021-05-06 15:53:49
osv
osv
CVE-2021-31712
2021-04-24 21:15:07
cve
cve
CVE-2021-31712
2021-04-24 21:15:07
github
github
Cross-site Scripting in React Draft Wysiwyg
2021-05-06 15:52:35
veracode
veracode
Cross-Site Scripting (XSS)
2021-05-08 09:15:10
prion
prion
Cross site scripting
2021-04-24 21:15:00
cvelist
cvelist
CVE-2021-31712
2021-04-24 20:56:59
nvd
nvd
CVE-2021-31712
2021-04-24 21:15:07