Description
pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element.
Remediation
References
https://github.com/pandao/editor.md/issues/715
Related Vulnerabilities
CVE-2023-29208 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2018-11697 Vulnerability in maven package org.webjars.npm:node-sass
CVE-2021-23820 Vulnerability in npm package json-pointer
CVE-2020-35490 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2022-22968 Vulnerability in maven package org.springframework:spring-context