CVE-2023-42426

Cross-site scripting XSS vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component...

PT-2023-28334 · Froala · Froala Editor

Name of the Vulnerable Software and Affected Versions: Froala Editor version 4.1.1 Description: A cross-site scripting XSS issue allows remote attackers to execute arbitrary code via the Insert link parameter in the Insert Image component. This enables attackers to inject malicious code,...