Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Content name pattern due to the insecure usage of innerHTML in the getTextHeight function. This is only exploitable if the user has content edit permissions. Details Cross-site scripting or XSS is a code...