Description
pandao Editor.md 1.5.0 allows XSS via the Javascript: string.
Remediation
References
https://github.com/pandao/editor.md/issues/709
Related Vulnerabilities
CVE-2022-27772 Vulnerability in maven package org.springframework.boot:spring-boot
CVE-2022-43431 Vulnerability in maven package com.compuware.jenkins:compuware-strobe-measurement
CVE-2021-25646 Vulnerability in maven package org.apache.druid:druid-core
CVE-2023-26920 Vulnerability in maven package org.webjars.npm:fast-xml-parser
CVE-2022-43484 Vulnerability in maven package org.terasoluna.gfw:terasoluna-gfw-common