42 matches found
PT-2023-8844 · Npm · @Excalidraw/Excalidraw
Name of the Vulnerable Software and Affected Versions: @excalidraw/excalidraw versions 0.0.0 through 0.15.2 Description: The issue is related to Cross-site Scripting XSS via embedded links in whiteboard objects due to improper input sanitization. This allows a remote attacker to conduct an XSS...
@blocklet/discuss-kit (>=1.0.8 <=2.0.172), @blocklet/discuss-kit-post (>=1.6.254 <=2.0.172) +58 more potentially affected by CVE-2023-26140 via @excalidraw/excalidraw (>=0.10.0 <=0.15.3)
@excalidraw/excalidraw NPM version =0.10.0, =1.0.8, =1.6.254, =1.0.8, =0.0.2, =0.0.6, =1.0.0, =0.0.1, =0.0.1, =0.0.2, =30.1.2, =0.0.0, =0.0.5, =0.0.32 and more Source cves: CVE-2023-26140 Source advisory: SNYK:JS-EXCALIDRAWEXCALIDRAW-5841658...