Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:46756
HistoryMay 06, 2024 - 6:56 a.m.

Cross Site Scripting (XSS)

2024-05-0606:56:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
vditor
cross site scripting
xss
a element
sanitization
vulnerability

AI Score

5.6

Confidence

High

EPSS

0

Percentile

9.0%

JSON

vditor is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to a lack of default xss sanitization within the editor, which allows an attacker to execute XSS via an attribute of an A element.

Related

nvd 1
osv 1
cve 1
cvelist 1
vulnrichment 1
github 1
nvd
nvd
CVE-2024-34449
2024-05-03 16:15:11
osv
osv
Vditor allows Cross-site Scripting via an attribute of an `A` element
2024-05-03 18:30:37
cve
cve
CVE-2024-34449
2024-05-03 16:15:11
cvelist
cvelist
CVE-2024-34449
2024-05-03 00:00:00
vulnrichment
vulnrichment
CVE-2024-34449
2024-05-03 00:00:00
github
github
Vditor allows Cross-site Scripting via an attribute of an `A` element
2024-05-03 18:30:37

AI Score

5.6

Confidence

High

EPSS

0

Percentile

9.0%

JSON
Related for VERACODE:46756
nvd1osv1cve1cvelist1vulnrichment1github1