Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:55 a.m.7 views

CVE-2023-34245

@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the javascript: scheme. As a result, links with JavaScript URLs can be inserted into th...

8.1CVSS6.7AI score0.00445EPSS
Exploits0
NVD
NVD
added 2023/06/09 6:15 p.m.42 views

CVE-2023-34245

@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the javascript: scheme. As a result, links with JavaScript URLs can be inserted into th...

8.1CVSS8AI score0.00445EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/09 5:4 p.m.8 views

CVE-2023-34245 Cross site scripting (XSS) in @udecode/plate-link

@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the javascript: scheme. As a result, links with JavaScript URLs can be inserted into th...

8.1CVSS7.1AI score0.00445EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/09 5:4 p.m.46 views

CVE-2023-34245 Cross site scripting (XSS) in @udecode/plate-link

@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the javascript: scheme. As a result, links with JavaScript URLs can be inserted into th...

8.1CVSS8.2AI score0.00445EPSS
Exploits0References2
CVE
CVE
added 2023/06/09 5:4 p.m.63 views

CVE-2023-34245

The CVE-2023-34245 issue affects @udecode/plate-link, the link handler for the Plate editor (Slate/React). Affected versions allow JavaScript: URLs to be rendered into the DOM due to inadequate URL sanitization, enabling potential XSS through links inserted by various means. The patch in plate-li...

8.1CVSS7AI score0.00445EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/06/09 5:4 p.m.40 views

CVE-2023-34245 Cross site scripting (XSS) in @udecode/plate-link

@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the javascript: scheme. As a result, links with JavaScript URLs can be inserted into th...

8.1CVSS6.7AI score0.00445EPSS
Exploits0References4
Rows per page
Query Builder