GHSA-97X5-CC53-CV4V Cross site scripting in froala-editor

A cross site scripting XSS vulnerability in the Insert Video function of Froala WYSIWYG Editor allows attackers to execute arbitrary web scripts or HTML...

Cross site scripting in froala-editor

A cross site scripting XSS vulnerability in the Insert Video function of Froala WYSIWYG Editor allows attackers to execute arbitrary web scripts or HTML...

Cross-site Scripting (XSS)

froala/wysiwyg-editor is vulnerable to cross-site scripting attacks. The vulnerability exists because the 'html.insert' in the Insert Video function does not properly sanitize the user input, which allows a malicious attacker to inject and execute arbitrary web script...

CVE-2020-22864

A cross site scripting XSS vulnerability in the Insert Video function of Froala WYSIWYG Editor 3.1.0 allows attackers to execute arbitrary web scripts or HTML...

CVE-2020-22864

CVE-2020-22864 concerns Froala WYSIWYG Editor, specifically the Insert Video function in version 3.1.0, where a cross-site scripting (XSS) vulnerability exists. The connected documents attribute the root cause to insufficient sanitization of user input in the Insert Video flow (e.g., html.insert)...

PT-2021-10802 · Froala · Froala Wysiwyg Editor

Name of the Vulnerable Software and Affected Versions: Froala WYSIWYG Editor version 3.1.0 Description: A cross site scripting XSS vulnerability in the Insert Video function of Froala WYSIWYG Editor allows attackers to execute arbitrary web scripts or HTML. Recommendations: For Froala WYSIWYG...