Description
pandao Editor.md 1.5.0 allows XSS via the Javascript: string.
Remediation
References
https://github.com/pandao/editor.md/issues/709
Related Vulnerabilities
CVE-2019-10783 Vulnerability in npm package lsof
CVE-2012-0394 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2021-46708 Vulnerability in maven package org.webjars.bower:swagger-ui
CVE-2021-22964 Vulnerability in npm package fastify-static
CVE-2021-31811 Vulnerability in maven package org.apache.pdfbox:pdfbox