Description
pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element.
Remediation
References
https://github.com/pandao/editor.md/issues/715
Related Vulnerabilities
CVE-2020-9296 Vulnerability in maven package com.netflix.conductor:conductor-core
CVE-2023-47325 Vulnerability in maven package org.silverpeas.core:silverpeas-core-web
CVE-2021-32808 Vulnerability in maven package org.webjars.bowergithub.ckeditor:ckeditor4
CVE-2022-0639 Vulnerability in npm package url-parse
CVE-2021-41151 Vulnerability in npm package @backstage/plugin-scaffolder-backend