org.iplass:iplass-admin (>=4.0.0 <=4.0.20), org.iplass:iplass-gem (>=4.0.0 <=4.0.20) +7 more potentially affected by CVE-2025-15056 via org.webjars.npm:quill (>=2.0.0-rc.2 <=2.0.2)

org.webjars.npm:quill MAVEN version =2.0.0-rc.2, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =2.10.2, =2.10.3-ssr.3 Source cves: CVE-2025-15056 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-14927398...

168wangxiao-ui (>=0.3.6 <=0.3.70), 3achatlibrary (>=1.0.0 <=1.0.9) +5430 more potentially affected by CVE-2025-15056 via quill (>=0.19.14 <=2.0.3)

quill NPM version =0.19.14, =0.3.6, =1.0.0, =19.0.0, =1.0.1, =1.0.0, =1.0.10, =3.1.1-0, =2.10.1, =0.1.6, =1.0.7, =19.0.0, =19.1.0 and more Source cves: CVE-2025-15056 Source advisory: SNYK:JS-QUILL-14927397...

@11kit/tiny-engine-plugin-robot (>=2.10.1 <=2.10.2), @123usmanhaider321/ui (>=0.1.6 <=0.1.8) +870 more potentially affected by CVE-2025-15056 via quill (=2.0.3)

quill NPM version =2.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on quill and may be impacted: - @11kit/tiny-engine-plugin-robot =2.10.1, =0.1.6, =1.15.1-sim3, =3.0.0, =1.0.68, =3.6.2-social.2, =1.1.15, =1.0.4, =0.1.3, =1.0.0, =1.0.4144, =0.1.0,...

CVE-2025-15056

A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting XSS. This issue affects Quill: 2.0.3...