@editorjs/editorjs is vulnerable to remote code execution. An attacker is able to upload and execute malicious code on the system via pasted input into wrapper’s innerHTML
method.
CPE | Name | Operator | Version |
---|---|---|---|
@editorjs/editorjs | le | 2.26.0-rc.0 | |
@editorjs/editorjs | le | 2.26.0-rc.0 |