CVE-2022-2932
CVE-2022-2932 is a reflected XSS in mobiledoc-kit before 0.14.2. Public sources (GitHub/bustle/mobiledoc-kit, OSVGHSA, NVD) consistently describe the vulnerability as a client-side XSS via input processed by the library’s rendering chain, with the likely root cause in URL sanitization logic in th...