9 matches found
CVE-2022-0350 Cross-site Scripting (XSS) - Stored in vanessa219/vditor
Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.13...
CVE-2022-0350 Cross-site Scripting (XSS) - Stored in vanessa219/vditor
Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.13...
CVE-2022-0341
Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.12...
CVE-2022-0341 Cross-site Scripting (XSS) - Stored in vanessa219/vditor
Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 3.8.12...
Cross-site Scripting (XSS) - Stored in vanessa219/vditor
Description The Vanessa219/vditor is a markdown editor supported by browsers. If the user passes javascript:alertdocument.domain as the URL value when creating a link using the markdown syntax, there is no sanitizing process and the link is created as it is. Proof of Concept txt XSS PoC : xss 1...
Cross-site Scripting (XSS) - Stored in vanessa219/vditor
Description The Vanessa219/vditor is a markdown editor supported by browsers. When a user creates a link using the markdown syntax, the server does not URL-encode the double-quotes, so the user can escape the href attribute and trigger XSS using the on attribute. Proof of Concept txt XSS PoC : xs...
CVE-2021-4103
Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 1.0.34...
CVE-2021-4103
Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 1.0.34...
CVE-2021-4103 Cross-site Scripting (XSS) - Stored in vanessa219/vditor
Cross-site Scripting XSS - Stored in GitHub repository vanessa219/vditor prior to 1.0.34...