Description
Froala Editor before 3.2.2 allows XSS via pasted content.
Remediation
References
https://froala.com/wysiwyg-editor/changelog/
Related Vulnerabilities
CVE-2020-13934 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2022-28730 Vulnerability in maven package org.apache.jspwiki:jspwiki-war
CVE-2022-25883 Vulnerability in maven package org.webjars.npm:semver
CVE-2023-50766 Vulnerability in maven package org.sonatype.nexus.ci:nexus-jenkins-plugin
CVE-2016-6659 Vulnerability in maven package org.cloudfoundry.identity:cloudfoundry-identity-uaa