Description
pandao Editor.md 1.5.0 allows XSS via the Javascript: string.
Remediation
References
https://github.com/pandao/editor.md/issues/709
Related Vulnerabilities
CVE-2023-34602 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base-core
CVE-2019-16762 Vulnerability in npm package slpjs
CVE-2022-36882 Vulnerability in maven package org.jenkins-ci.plugins:git
CVE-2023-26129 Vulnerability in npm package bwm-ng
CVE-2021-21160 Vulnerability in maven package org.webjars.npm:electron