Lucene search

Froala Editor Security Vulnerabilities

cve

CVE-2019-19935

Froala Editor before 3.2.3 allows XSS.

6.1CVSS

6.1AI Score

0.011EPSS

2020-07-07 04:15 PM

cve

CVE-2020-22864

A cross site scripting (XSS) vulnerability in the Insert Video function of Froala WYSIWYG Editor 3.1.0 allows attackers to execute arbitrary web scripts or HTML.

6.1CVSS

6AI Score

0.001EPSS

2021-10-26 10:15 PM

cve

CVE-2020-26523

Froala Editor before 3.2.2 allows XSS via pasted content.

6.1CVSS

5.9AI Score

0.001EPSS

2020-10-02 07:15 AM

cve

CVE-2021-28114

Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing.

5.4CVSS

5.2AI Score

0.001EPSS

2021-07-16 01:15 PM

cve

CVE-2021-30109

Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Under certain conditions, a base64 crafted string leads to persistent Cross-site scripting (XSS) vulnerability within the hyperlink creation module.

6.1CVSS

5.9AI Score

0.001EPSS

2021-04-05 01:15 PM

cve

CVE-2023-41592

Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability.

5.4CVSS

5.3AI Score

0.001EPSS

2023-09-14 11:15 PM

cve

CVE-2023-42426

Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component.

6.1CVSS

6.2AI Score

0.002EPSS

2023-09-25 09:15 PM

cve

CVE-2023-43263

A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 allows attackers to execute arbitrary code via the Markdown component.

6.1CVSS

6.1AI Score

0.001EPSS

2023-09-27 03:19 PM