Description
Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 through injecting and executing JavaScript.
Remediation
References
https://github.com/josdejong/jsoneditor/issues/1029
Related Vulnerabilities
CVE-2021-31406 Vulnerability in maven package com.vaadin:flow-server
CVE-2023-47323 Vulnerability in maven package org.silverpeas.core:silverpeas-core-api
CVE-2022-41928 Vulnerability in maven package org.xwiki.platform:xwiki-platform-attachment-ui
CVE-2023-36542 Vulnerability in maven package org.apache.nifi:nifi-hikari-dbcp-service
CVE-2022-45143 Vulnerability in maven package org.apache.tomcat:tomcat-util