summernote@0.7.1 vulnerabilities
Super simple WYSIWYG editor
-
latest version
0.8.20
-
first published
9 years ago
-
latest version published
3 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the summernote package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
summernote is a super simple WYSIWYG Editor. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the Note: This is only exploitable if the attacker can access the editor component. How to fix Cross-site Scripting (XSS)? There is no fixed version for |
*
|
summernote is a super simple WYSIWYG Editor. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It is possible to inject malicious JavaScript within the PoC
How to fix Cross-site Scripting (XSS)? There is no fixed version for |
*
|
summernote is a super simple WYSIWYG Editor. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript with object decoding such as How to fix Cross-site Scripting (XSS)? There is no fixed version for |
*
|
summernote is a super simple WYSIWYG Editor. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to a lack of sanitization in some text fields. How to fix Cross-site Scripting (XSS)? Upgrade |
<0.8.12
|