4 matches found
CVE-2025-3191
creationtimestamp| type| source ---|---|--- 2025-04-04 07:58:45+00:00| seen| https://t.me/cvedetector/22077 2025-07-16 21:34:29+00:00| published-proof-of-concept| https://t.me/AGLegends/1985 2025-07-16 23:31:02+00:00| published-proof-of-concept| https://t.me/cybersecunity/284...
@1kit/react (>=0.0.74 <=0.0.149), @1kit/ui (>=0.0.14 <=0.0.90) +763 more potentially affected by CVE-2025-3191 via react-draft-wysiwyg (>=1.10.0 <=1.15.0)
react-draft-wysiwyg NPM version =1.10.0, =0.0.74, =0.0.14, =1.0.7, =0.2.2, =1.0.0, =0.0.5, =0.1.2, =1.0.2, =1.0.0, =1.0.2, =2.0.54, =1.0.1-alpha.0, =1.0.3-alpha.0 and more Source cves: CVE-2025-3191 Source advisory: OSV:GHSA-FQ5X-7292-2P5R...
CVE-2025-3191
All versions of the package react-draft-wysiwyg are vulnerable to Cross-site Scripting XSS via the Embedded button which will then result in saving the payload in the tag...
CVE-2025-3191
All versions of the package react-draft-wysiwyg are vulnerable to Cross-site Scripting XSS via the Embedded button which will then result in saving the payload in the tag...