Description
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.
Remediation
References
https://github.com/pandao/editor.md/issues/612
Related Vulnerabilities
CVE-2023-26136 Vulnerability in npm package tough-cookie
CVE-2022-24697 Vulnerability in maven package org.apache.kylin:kylin-core-common
CVE-2022-35923 Vulnerability in npm package v8n
CVE-2022-2596 Vulnerability in npm package node-fetch
CVE-2022-24615 Vulnerability in maven package net.lingala.zip4j:zip4j