Description
Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Under certain conditions, a base64 crafted string leads to persistent Cross-site scripting (XSS) vulnerability within the hyperlink creation module.
Remediation
References
http://froala.com
https://github.com/Hackdwerg/CVE-2021-30109/blob/main/README.md
Related Vulnerabilities
CVE-2018-1000160 Vulnerability in npm package @risingstack/protect
CVE-2022-41940 Vulnerability in maven package org.webjars.bower:engine.io
CVE-2018-8012 Vulnerability in maven package org.apache.zookeeper:zookeeper
CVE-2020-13957 Vulnerability in maven package org.apache.solr:solr-solrj
CVE-2022-36097 Vulnerability in maven package org.xwiki.platform:xwiki-platform-attachment-ui