Description
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.
Remediation
References
https://github.com/pandao/editor.md/issues/612
Related Vulnerabilities
CVE-2021-23555 Vulnerability in npm package vm2
CVE-2019-9827 Vulnerability in maven package io.hawt:hawtio-system
CVE-2020-7636 Vulnerability in npm package adb-driver
CVE-2020-14967 Vulnerability in maven package org.webjars.bowergithub.kjur:jsrsasign
CVE-2020-11971 Vulnerability in maven package org.apache.camel:camel-main