simplemde@1.10.0 vulnerabilities

A simple, beautiful, and embeddable JavaScript Markdown editor. Features autosaving and spell checking.

Direct Vulnerabilities

Known vulnerabilities in the simplemde package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Cross-site Scripting (XSS)

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the iFrame handler.

How to fix Cross-site Scripting (XSS)?

There is no fixed version for simplemde.

*
  • M
Cross-site Scripting (XSS)

simplemde is a drop-in JavaScript textarea replacement for writing beautiful and understandable Markdown.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks via an onerror attribute of a crafted IMG element.

How to fix Cross-site Scripting (XSS)?

There is no fix version for simplemde.

*