5 matches found
EUVD-2022-4734
Malicious code in bioql PyPI...
Simditor XSS Vulnerability
Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert in a TEXTAREA element, as demonstrated by Firefox 54.0.1...
GHSA-P9WJ-WRRM-84M5 Simditor XSS Vulnerability
Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert in a TEXTAREA element, as demonstrated by Firefox 54.0.1...
Design/Logic Flaw
Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert in a TEXTAREA element, as demonstrated by Firefox 54.0.1...
CVE-2018-6464
Summary : CVE-2018-6464 affects Simditor v2.3.11, where an attacker can trigger cross-site scripting (XSS) by crafting an SVG onload payload inside a TEXTAREA element, demonstrated with Firefox 54.0.1. The root cause is not explicitly detailed beyond the use of an SVG/onload payload in a TEXTAREA...