Description
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.
Remediation
References
https://github.com/pandao/editor.md/issues/612
Related Vulnerabilities
CVE-2021-42567 Vulnerability in maven package org.apereo.cas:cas-server-core-services
CVE-2023-30516 Vulnerability in maven package org.jenkins-ci.plugins:image-tag-parameter
CVE-2021-32854 Vulnerability in maven package org.webjars.npm:textangular
CVE-2023-40342 Vulnerability in maven package org.jenkins-ci.plugins:flaky-test-handler
CVE-2023-26920 Vulnerability in maven package org.webjars.npm:fast-xml-parser