40 matches found
📄 Django Summernote 0.8.20.0 Unrestricted File Upload Scanner
This Metasploit Auxiliary Scanner module detects unrestricted file upload vulnerabilities in django-summernote. It targets misconfigurations where image validation depends on the Pillow library and allows non-image files to be uploaded when Pillow is missing. The module safely scans common upload...
CVE-2026-Pending-Django-Summernote-RCE
CVE-2026-XXXXX Pending: django-summernote Arbitrary File Upl...
EUVD-2024-2017
Malicious code in bioql PyPI...
EUVD-2023-46824
Malicious code in bioql PyPI...
CVE-2024-29504
Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted payload to the codeview parameter...
CVE-2024-37629
SummerNote v0.9.1 is vulnerable to Cross Site Scripting XSS via the Code View Function...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
Event Registration and Attendance System 1.0 Code Injection
Title: Event Registration and Attendance System 1.0 wysiwyg code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / brows...
Cross Site Scripting(XSS)
summernote is vulnerable to Cross Site Scripting XSS. The vulnerability is due to insufficient input validation and sanitization of user-provided content, allowing malicious scripts to be executed within the context of the application when viewed in code mode...
SummerNote Cross Site Scripting Vulnerability
SummerNote 0.8.18 is vulnerable to Cross Site Scripting XSS via the Code View Function...
GHSA-CC55-MVQC-G9MG SummerNote Cross Site Scripting Vulnerability
SummerNote 0.8.18 is vulnerable to Cross Site Scripting XSS via the Code View Function...
@activix/summernote-image-attributes (=1.0.0), @beratkara/summernote-words-length (=1.0.0) +133 more potentially affected by CVE-2024-37629 via summernote (>=0.5.9 <=0.8.20)
summernote NPM version =0.5.9, =0.0.3, =0.0.1, =1.0.2, =1.0.0, =2.1.4140, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =1.0.12, =2.0.0 and more Source cves: CVE-2024-37629 Source advisory: OSV:GHSA-CC55-MVQC-G9MG...
SummerNote Cross-Site Scripting Vulnerability
Summernote is a super simple WYSIWYG editor from Summernote open source. A cross-site scripting vulnerability exists in SummerNote version 0.8.18, which stems from vulnerability to cross-site scripting attacks via the code view feature...
PT-2024-27684 · Unknown · Summernote
Name of the Vulnerable Software and Affected Versions: SummerNote version 0.8.18 Description: The issue is related to Cross Site Scripting XSS via the Code View Function. This means an attacker could potentially inject malicious scripts into the code view of SummerNote, affecting users who intera...
CVE-2024-37629
SummerNote vulnerability CVE-2024-37629 impacts SummerNote in Code View mode across versions including v0.9.1 (and related advisories cite v0.8.18 in older contexts). The NVD/NVD-derived details indicate XSS due to insufficient input handling, with a CVSSv3.1 base score of 6.1 (Medium): attack ve...
Cross Site Scripting (XSS)
Summernote is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper sanitization of the codeview parameter, which can result in the execution of arbitrary JavaScript code via a crafted payload...