Description
pandao Editor.md 1.5.0 allows XSS via the Javascript: string.
Remediation
References
https://github.com/pandao/editor.md/issues/709
Related Vulnerabilities
CVE-2021-21423 Vulnerability in npm package projen
CVE-2022-48285 Vulnerability in npm package jszip
CVE-2022-28135 Vulnerability in maven package org.jvnet.hudson.plugins:instant-messaging
CVE-2020-15232 Vulnerability in maven package org.mapfish.print:print-standalone
CVE-2020-21125 Vulnerability in maven package com.bstek.ureport:ureport2-console