Lucene search
+L

68 matches found

Vulnrichment
Vulnrichment
added 2024/05/03 12:0 a.m.16 views

CVE-2024-34449

Vditor 3.10.3 allows XSS via an attribute of an A element. NOTE: the vendor indicates that a user is supposed to mitigate this via sanitize=true...

5.8AI score0.00359EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.5 views

Vditor 跨站脚本漏洞

Vditor is a browser-side Markdown editor by the individual developer Vanessa219. A cross-site scripting vulnerability exists in Vditor version 3.10.3, which originates from allowing cross-site scripting attacks via attributes of A element...

6.1CVSS6AI score0.00359EPSS
Exploits1References4
OSV
OSV
added 2024/05/03 12:0 a.m.7 views

CVE-2024-34449

Vditor 3.10.3 allows XSS via an attribute of an A element. NOTE: the vendor indicates that a user is supposed to mitigate this via sanitize=true...

6.1CVSS5.8AI score0.00359EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2023/02/21 3:30 p.m.8 views

@cao_steven/nb-core (=1.0.0), @dcodegroup-au/dsg-vue (>=0.0.17 <=0.0.18) +87 more potentially affected by CVE-2021-32855 via vditor (>=2.3.1 <=3.8.15)

vditor NPM version =2.3.1, =0.0.17, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =0.0.1, =0.0.2, =0.0.1-beta.15, =0.0.1, =0.0.0, =0.0.24 and more Source cves: CVE-2021-32855 Source advisory: OSV:GHSA-VFMP-9999-6WQJ...

6.1CVSS6.3AI score0.00584EPSS
Exploits1
OSV
OSV
added 2023/02/21 3:30 p.m.45 views

GHSA-VFMP-9999-6WQJ Vditor Cross-site Scripting vulnerability

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...

6.1CVSS5.9AI score0.00584EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2023/02/21 3:30 p.m.36 views

Vditor Cross-site Scripting vulnerability

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...

6.1CVSS5.8AI score0.00584EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2023/02/21 3:15 p.m.31 views

CVE-2021-32855

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...

6.1CVSS6AI score0.00584EPSS
Exploits1References3
OSV
OSV
added 2023/02/21 3:15 p.m.24 views

CVE-2021-32855

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...

6.1CVSS6AI score
Exploits0References3
Prion
Prion
added 2023/02/21 3:15 p.m.23 views

Cross site scripting

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...

5.8CVSS5.9AI score0.00584EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/02/21 12:0 a.m.8 views

Vditor 跨站脚本漏洞

Vditor is a browser-based Markdown editor by Vanessa219 Personal Developer. A security vulnerability exists in Vditor versions prior to 3.8.7, which stems from a cross-site scripting XSS vulnerability...

6.1CVSS5.8AI score0.00584EPSS
Exploits1References4
CVE
CVE
added 2023/02/20 12:0 a.m.69 views

CVE-2021-32855

The CVE-2021-32855 entry concerns Vditor, a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting (XSS) where an attacker must lure a user into pasting a malicious payload into the editor. The vulnerability is mitigated in version 3.8.7, which con...

6.1CVSS6AI score0.00584EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/20 12:0 a.m.8 views

CVE-2021-32855 vditor vulnerable to Cross-site Scripting

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...

6.1CVSS6.2AI score0.00584EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/02/20 12:0 a.m.6 views

PT-2023-12187 · Vditor · Vditor

Name of the Vulnerable Software and Affected Versions: Vditor versions prior to 3.8.7 Description: Vditor is a browser-side Markdown editor. The issue at hand is a copy-paste cross-site scripting XSS problem. For this particular type of XSS, the victim needs to be fooled into copying a malicious...

6.1CVSS5.9AI score0.00584EPSS
Exploits1References9
Cvelist
Cvelist
added 2023/02/20 12:0 a.m.37 views

CVE-2021-32855 vditor vulnerable to Cross-site Scripting

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...

6.1CVSS6.2AI score0.00584EPSS
Exploits1References3
Veracode
Veracode
added 2022/04/06 9:43 a.m.18 views

Cross Site Scripting (XSS)

vditor is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in user input fields which allows a malicious user to inject and execute arbitrary Javascript...

6.1CVSS2.1AI score0.00584EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2022/04/01 12:0 a.m.4 views

@cao_steven/nb-core (=1.0.0), @dcodegroup-au/dsg-vue (>=0.0.17 <=0.0.18) +85 more potentially affected by CVE-2022-0350 via vditor (>=2.3.1 <=3.3.9)

vditor NPM version =2.3.1, =0.0.17, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =0.0.1, =0.0.2, =0.0.1-beta.15, =0.0.1, =0.0.0, =0.0.24 and more Source cves: CVE-2022-0350 Source advisory: OSV:GHSA-689X-X68P-FPH3...

6.1CVSS6AI score0.00538EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2022/04/01 12:0 a.m.31 views

Cross-site Scripting in vditor

Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.13...

6.1CVSS1AI score0.00538EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/04/01 12:0 a.m.91 views

GHSA-689X-X68P-FPH3 Cross-site Scripting in vditor

Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.13...

5.4CVSS5.2AI score0.00538EPSS
Exploits1References4
NVD
NVD
added 2022/03/31 4:15 p.m.40 views

CVE-2022-0350

Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.13...

6.1CVSS0.00538EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/03/31 4:15 p.m.9 views

CVE-2022-0350

Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.13...

6.1CVSS6AI score0.00538EPSS
Exploits1References3
Rows per page
Query Builder