6 matches found
Cross-site Scripting (XSS)
angular-redactor is vulnerable to cross-site scripting XSS attacks. The vulnerability exists due to the lack of sanitization of user input that is used in an eval call...
CVE-2018-13339
Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035...
CVE-2018-13339
Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035...
Cross site scripting
Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035...
CVE-2018-13339
Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035...
CVE-2018-13339
CVE-2018-13339 affects Imperavi Redactor 3 in Angular Redactor 1.1.6 when HTML content mode is used, enabling a stored XSS as demonstrated by an onerror attribute in an IMG element; related to CVE-2018-7035. Several adjacent advisories (OSV/GHSA variants) describe the same XSS class and the root ...