Description
pandao Editor.md 1.5.0 allows XSS via the Javascript: string.
Remediation
References
https://github.com/pandao/editor.md/issues/709
Related Vulnerabilities
CVE-2023-35165 Vulnerability in npm package @aws-cdk/aws-eks
CVE-2023-43495 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2022-43422 Vulnerability in maven package com.compuware.jenkins:compuware-topaz-utilities
CVE-2020-14062 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind