Description
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.
Remediation
References
https://github.com/pandao/editor.md/issues/612
Related Vulnerabilities
CVE-2020-7746 Vulnerability in maven package org.webjars.bower:chart.js
CVE-2020-15813 Vulnerability in maven package org.graylog2:graylog2-server
CVE-2017-16010 Vulnerability in maven package org.webjars.bower:i18next
CVE-2019-17570 Vulnerability in maven package org.apache.xmlrpc:xmlrpc
CVE-2016-10735 Vulnerability in maven package com.loopeer.android:bootstrap