EPSS
Percentile
21.4%
vditor is vulnerable to stored cross-site scripting. The vulnerability exists due to the lack of sanitization in user input fields which allows a malicious user to inject and execute arbitrary Javascript.
github.com/advisories/GHSA-689x-x68p-fph3
github.com/vanessa219/vditor/commit/e912e36ea98251d700499b1ac7702708d3398476
huntr.dev/bounties/8202aa06-4b49-45ff-aa0f-00982f62005c
huntr.dev/bounties/8202aa06-4b49-45ff-aa0f-00982f62005c/