Description
pandao Editor.md 1.5.0 allows XSS via the Javascript: string.
Remediation
References
https://github.com/pandao/editor.md/issues/709
Related Vulnerabilities
CVE-2019-11818 Vulnerability in maven package org.opencms:org.opencms.workplace.tools.accounts
CVE-2020-7690 Vulnerability in maven package org.webjars.bower:jspdf
CVE-2023-29208 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2021-23926 Vulnerability in maven package org.apache.xmlbeans:xmlbeans
CVE-2021-42550 Vulnerability in maven package ch.qos.logback:logback-core