Description
pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element.
Remediation
References
https://github.com/pandao/editor.md/issues/715
Related Vulnerabilities
CVE-2022-24898 Vulnerability in maven package org.xwiki.commons:xwiki-commons-xml
CVE-2018-16490 Vulnerability in npm package mpath
CVE-2022-24613 Vulnerability in maven package com.drewnoakes:metadata-extractor
CVE-2021-23358 Vulnerability in maven package org.webjars.bowergithub.jashkenas:underscore
CVE-2020-13445 Vulnerability in maven package com.liferay:com.liferay.portal.template.freemarker