EPSS
Percentile
34.9%
vditor is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in user input fields which allows a malicious user to inject and execute arbitrary Javascript.
github.com/Vanessa219/vditor/commit/1b2382d7f8a4ee509d9245db4450d926a0b24146
github.com/Vanessa219/vditor/issues/1085
securitylab.github.com/advisories/GHSL-2021-1006-vditor/