Lucene search
K

6 matches found

vulnersOsv
vulnersOsv
added 2022/02/10 11:32 p.m.4 views

@averystupidtest/reditor (=3.0.10), @beisen-oneops/amis-ui (>=1.0.0 <=1.0.6) +122 more potentially affected by CVE-2019-19935 via froala-editor (>=2.3.5 <=3.2.2)

froala-editor NPM version =2.3.5, =1.0.0, =1.0.0, =1.0.0, =6.10.0, =0.1.0, =6.12.0-beat1, =0.0.1, =0.1.0, =0.0.6, =0.0.5, =0.0.5, =0.2.3 and more Source cves: CVE-2019-19935 Source advisory: OSV:GHSA-H236-G5GH-VQ6C...

6.1CVSS6.3AI score0.01847EPSS
Exploits3
Hacker One
Hacker One
added 2020/07/23 2:13 p.m.174 views

lemlist: CVE-2019-19935 - DOM based XSS in the froala editor

Summary: A stored XSS flow exist in the froala editor used in the web application. This can be trigger by using the code view of the editor Steps To Reproduce: 1. Start a new campaign 2. fill all the fieds and choose blank email template for the message 3. Switch to code editor view and inject "...

4.3CVSS6AI score0.01847EPSS
Exploits3
OSV
OSV
added 2020/07/07 4:15 p.m.11 views

CVE-2019-19935

Froala Editor before 3.2.3 allows XSS...

6.1CVSS6.8AI score
Exploits0References5
NVD
NVD
added 2020/07/07 4:15 p.m.41 views

CVE-2019-19935

Froala Editor before 3.2.3 allows XSS...

6.1CVSS0.01847EPSS
Exploits3References5
Cvelist
Cvelist
added 2020/07/07 3:40 p.m.44 views

CVE-2019-19935

Froala Editor before 3.2.3 allows XSS...

6.2AI score0.01847EPSS
Exploits3References5
CVE
CVE
added 2020/07/07 3:40 p.m.54 views

CVE-2019-19935

Froala Editor prior to 3.2.3 is vulnerable to DOM-based XSS due to improper sanitization when HTML is inserted into the DOM. Affected versions include 3.2.2 and earlier; exploitation can occur via editor content manipulation (e.g., switching to code view). Remediation: upgrade to 3.2.3 or later w...

6.1CVSS6.1AI score0.01847EPSS
Exploits3References5Affected Software1
Rows per page
Query Builder