52 matches found
Cross site scripting
pandao Editor.md 1.5.0 has DOM XSS via input starting with a "" substring, which is mishandled during construction of an A element...
CVE-2018-19056
pandao Editor.md 1.5.0 has DOM XSS via input starting with a "" substring, which is mishandled during construction of an A element...
CVE-2018-19056
pandao Editor.md 1.5.0 has DOM XSS via input starting with a "" substring, which is mishandled during construction of an A element...
CVE-2018-19056
pandao Editor.md 1.5.0 has DOM XSS via input starting with a "" substring, which is mishandled during construction of an A element...
Pandao editor.md vulnerable to XSS in IMG attributes
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
GHSA-VJCJ-5G2R-VXQC Pandao editor.md vulnerable to XSS in IMG attributes
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
Pandao Editor.md Cross-Site Scripting Vulnerability
Pandao Editor.md is an open source online Markdown a markup language editor components. A cross-site scripting vulnerability exists in Pandao Editor.md version 1.5.0, which can be exploited by remote attackers to gain administrator privileges with a specially crafted invalid IMG element attribute...
CVE-2018-16330
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
Cross site scripting
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
CVE-2018-16330
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
CVE-2018-16330
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
CVE-2018-16330
CVE-2018-16330 affects Pandao Editor.md 1.5.0 and is an XSS vulnerability triggered by crafted attributes of an invalid IMG element. Multiple sources (NVD entry and related advisories) corroborate that enables cross-site scripting in this version. CVSS data indicate base scores: CVSS v2 base 4.3 ...