Description

Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 through injecting and executing JavaScript.

Remediation

References

https://github.com/josdejong/jsoneditor/issues/1029

Related Vulnerabilities

CVE-2022-34662 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-common

CVE-2021-23426 Vulnerability in npm package proto

CVE-2017-16083 Vulnerability in npm package node-simple-router

CVE-2021-23424 Vulnerability in npm package ansi-html

CVE-2022-31198 Vulnerability in maven package org.webjars.npm:openzeppelin__contracts

Severity

High

Classification

CWE-79 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Exploit Third Party Advisory