40 matches found
GHSA-4WH3-3WF2-39M9 Summernote vulnerable to cross-site scripting
Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter...
@bidvine/react-summernote (=2.0.2), @uday_test/wm_codegen_angular_app (=0.0.0) +14 more potentially affected by CVE-2024-29504 via summernote (>=0.5.9 <=0.8.18)
summernote NPM version =0.5.9, =1.0.2, =4.8.14, =4.9.23, =4.9.23, =4.9.23, =4.9.23, =5.0.6, =1.0.0, =0.0.1, =1.2.1 - wm-ng-webcomponent =1.0.1 and more Source cves: CVE-2024-29504 Source advisory: OSV:GHSA-4WH3-3WF2-39M9...
Summernote vulnerable to cross-site scripting
Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter...
CVE-2024-29504
Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter...
CVE-2024-29504
Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter...
PT-2024-22929 · Unknown · Summernote
Name of the Vulnerable Software and Affected Versions: Summernote versions 0.8.18 and earlier Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the codeview parameter. This enables the attacker to perform actions such as executing arbitrary code on...
Summernote 安全漏洞
Summernote is a super simple WYSIWYG editor from the Summernote open source. A security vulnerability exists in Summernote v.0.8.18 and earlier versions, which stems from the presence of a cross-site scripting vulnerability that allows remote attackers to execute arbitrary code via a crafted...
CVE-2024-29504
Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter...
CVE-2024-29504
CVE-2024-29504 affects Summernote up to v0.8.18 (and earlier). The root cause described across connected sources is improper sanitization of the codeview parameter, leading to Cross Site Scripting (XSS) that can allow execution of arbitrary JavaScript in the context of the affected page. Impact d...
CVE-2024-29504
Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
Cross site scripting
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
CVE-2023-42371
CVE-2023-42371 maps to a Cross-Site Scripting vulnerability in Summernote Rich Text Editor up to v0.8.18. Reported weakness allows a remote attacker to execute arbitrary code via a crafted script inserted through the editor’s insert link function. The issue is described consistently across multip...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
Summernote Rich Text Editor Cross-Site Scripting Vulnerability
Summernote Rich Text Editor is a rich text editor from Summernote. A cross-site scripting vulnerability exists in Summernote Rich Text Editor v.0.8.18 and prior versions, which originates from a vulnerability that could allow a remote attacker to execute arbitrary code via a crafted script in the...
Cross-Site Scripting (XSS)
summernote is vulnerable to cross-site scripting XSS attacks. The library does not sanitise user input when attaching a link to an image, allowing a malicious user to inject and execute arbitrary code on their own browser...
mondhygieniste.com XSS vulnerability
Open Bug Bounty ID: OBB-83397 Description| Value ---|--- Affected Website:| mondhygieniste.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...