0.9.1
9 years ago
2 months ago
Known vulnerabilities in the summernote package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
summernote is a super simple WYSIWYG Editor. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the WYSIWYG editor on the front page. An attacker can inject and execute malicious scripts by crafting input that is improperly sanitized. How to fix Cross-site Scripting (XSS)? Upgrade | <0.9.0 |
summernote is a super simple WYSIWYG Editor. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the Note: This is only exploitable if the attacker can access the editor component. How to fix Cross-site Scripting (XSS)? Upgrade | <0.9.0 |
summernote is a super simple WYSIWYG Editor. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It is possible to inject malicious JavaScript within the PoC
How to fix Cross-site Scripting (XSS)? Upgrade | <0.8.19 |
summernote is a super simple WYSIWYG Editor. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to a lack of sanitization in some text fields. How to fix Cross-site Scripting (XSS)? Upgrade | <0.8.12 |