Description
pandao Editor.md 1.5.0 allows XSS via the Javascript: string.
Remediation
References
https://github.com/pandao/editor.md/issues/709
Related Vulnerabilities
CVE-2023-45811 Vulnerability in npm package deobfuscator
CVE-2021-3810 Vulnerability in npm package code-server
CVE-2023-22465 Vulnerability in maven package org.http4s:http4s-core
CVE-2020-28268 Vulnerability in npm package controlled-merge
CVE-2022-36010 Vulnerability in npm package react-editable-json-tree