68 matches found
CVE-2024-34449
Vditor 3.10.3 allows XSS via an attribute of an A element. NOTE: the vendor indicates that a user is supposed to mitigate this via sanitize=true...
Vditor 跨站脚本漏洞
Vditor is a browser-side Markdown editor by the individual developer Vanessa219. A cross-site scripting vulnerability exists in Vditor version 3.10.3, which originates from allowing cross-site scripting attacks via attributes of A element...
CVE-2024-34449
Vditor 3.10.3 allows XSS via an attribute of an A element. NOTE: the vendor indicates that a user is supposed to mitigate this via sanitize=true...
@cao_steven/nb-core (=1.0.0), @dcodegroup-au/dsg-vue (>=0.0.17 <=0.0.18) +87 more potentially affected by CVE-2021-32855 via vditor (>=2.3.1 <=3.8.15)
vditor NPM version =2.3.1, =0.0.17, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =0.0.1, =0.0.2, =0.0.1-beta.15, =0.0.1, =0.0.0, =0.0.24 and more Source cves: CVE-2021-32855 Source advisory: OSV:GHSA-VFMP-9999-6WQJ...
GHSA-VFMP-9999-6WQJ Vditor Cross-site Scripting vulnerability
Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...
Vditor Cross-site Scripting vulnerability
Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...
CVE-2021-32855
Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...
CVE-2021-32855
Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...
Cross site scripting
Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...
Vditor 跨站脚本漏洞
Vditor is a browser-based Markdown editor by Vanessa219 Personal Developer. A security vulnerability exists in Vditor versions prior to 3.8.7, which stems from a cross-site scripting XSS vulnerability...
CVE-2021-32855
The CVE-2021-32855 entry concerns Vditor, a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting (XSS) where an attacker must lure a user into pasting a malicious payload into the editor. The vulnerability is mitigated in version 3.8.7, which con...
CVE-2021-32855 vditor vulnerable to Cross-site Scripting
Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...
PT-2023-12187 · Vditor · Vditor
Name of the Vulnerable Software and Affected Versions: Vditor versions prior to 3.8.7 Description: Vditor is a browser-side Markdown editor. The issue at hand is a copy-paste cross-site scripting XSS problem. For this particular type of XSS, the victim needs to be fooled into copying a malicious...
CVE-2021-32855 vditor vulnerable to Cross-site Scripting
Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...
Cross Site Scripting (XSS)
vditor is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in user input fields which allows a malicious user to inject and execute arbitrary Javascript...
@cao_steven/nb-core (=1.0.0), @dcodegroup-au/dsg-vue (>=0.0.17 <=0.0.18) +85 more potentially affected by CVE-2022-0350 via vditor (>=2.3.1 <=3.3.9)
vditor NPM version =2.3.1, =0.0.17, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =0.0.1, =0.0.2, =0.0.1-beta.15, =0.0.1, =0.0.0, =0.0.24 and more Source cves: CVE-2022-0350 Source advisory: OSV:GHSA-689X-X68P-FPH3...
Cross-site Scripting in vditor
Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.13...
GHSA-689X-X68P-FPH3 Cross-site Scripting in vditor
Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.13...
CVE-2022-0350
Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.13...
CVE-2022-0350
Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.13...