China National Vulnerability Database (CNVD): CNVD-2022-20523
History: Mar 16, 2022 - 12:00 a.m.

vditor cross-site scripting vulnerability

Source: China National Vulnerability Database (www.cnvd.org.cn)
Tags: vditor, markdown, xss, vulnerability, javascript, client-side

EPSS: 0.001 (Percentile: 21.4%)

vditor is a browser-based Markdown editor that supports WYSIWYG, on-the-fly rendering (similar to Typora), and split-screen preview modes. vditor versions prior to 3.8.12 contain a cross-site scripting vulnerability that stems from the program's lack of validation and filtering of user-supplied data and output data. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
