4 matches found
CVE-2023-34245
@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the javascript: scheme. As a result, links with JavaScript URLs can be inserted into th...
Cross Site Scripting (XSS)
@udecode/plate-link is vulnerable to Cross Site Scripting XSS. The vulnerability exists because it does not properly validate url's, which allows an attacker to inject malicious JavaScript script into the system...
CVE-2023-34245
@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the javascript: scheme. As a result, links with JavaScript URLs can be inserted into th...
CVE-2023-34245 Cross site scripting (XSS) in @udecode/plate-link
@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the javascript: scheme. As a result, links with JavaScript URLs can be inserted into th...