5 matches found
@bndynet/bbootstrap (>=1.0.2 <=2.2.1), @bndynet/jslib (>=1.0.52 <=2.0.0) +8 more potentially affected by CVE-2023-29641 via editor.md (=1.5.0)
editor.md NPM version =1.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on editor.md and may be impacted: - @bndynet/bbootstrap =1.0.2, =1.0.52, =2.3.6, =1.0.0, =0.2.0, =0.1.1, =0.1.0, =1.0.0, =1.0.3 Source cves: CVE-2023-29641 Source advisory:...
CVE-2023-29641
Cross Site Scripting XSS vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text...
CVE-2023-29641
Cross Site Scripting XSS vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text...
CVE-2023-29641
Cross Site Scripting XSS vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text...
CVE-2023-29641
CVE-2023-29641 affects pandao editor.md up to version 1.5.0, with a Cross-Site Scripting (XSS) vulnerability that allows attackers to inject arbitrary script or HTML via crafted Markdown text. The included connected documents corroborate the XSS issue across multiple sources, but do not provide a...