Description
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.
Remediation
References
https://github.com/pandao/editor.md/issues/612
Related Vulnerabilities
CVE-2017-16195 Vulnerability in npm package pytservce
CVE-2018-19837 Vulnerability in maven package org.webjars.npm:node-sass
CVE-2022-31190 Vulnerability in maven package org.dspace:dspace-xmlui
CVE-2022-24613 Vulnerability in maven package com.drewnoakes:metadata-extractor
CVE-2018-18389 Vulnerability in maven package org.neo4j:neo4j-security-enterprise