Description
Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 through injecting and executing JavaScript.
Remediation
References
https://github.com/josdejong/jsoneditor/issues/1029
Related Vulnerabilities
CVE-2020-5258 Vulnerability in maven package org.webjars.npm:dojo
CVE-2022-31777 Vulnerability in maven package org.apache.spark:spark-core_2.12
CVE-2020-26258 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2020-7767 Vulnerability in npm package express-validators
CVE-2021-4264 Vulnerability in maven package org.webjars:dustjs-linkedin