Description
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.
Remediation
References
https://github.com/pandao/editor.md/issues/612
Related Vulnerabilities
CVE-2020-26301 Vulnerability in npm package ssh2
CVE-2020-28052 Vulnerability in maven package org.bouncycastle:bcprov-ext-jdk15on
CVE-2023-22578 Vulnerability in npm package @sequelize/core
CVE-2023-31417 Vulnerability in maven package org.elasticsearch:elasticsearch
CVE-2023-38905 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base-core