@wangeditor/editor is vulnerable to Cross-site scripting (XSS). The vulnerability is due to missing input sanitization within the image upload function, which allows an attacker to execute arbitrary JavaScript in the browser.
CPE | Name | Operator | Version |
---|---|---|---|
@wangeditor/editor | le | 5.0.0 | |
@wangeditor/editor | le | 5.0.0 |