Description
Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 through injecting and executing JavaScript.
Remediation
References
https://github.com/josdejong/jsoneditor/issues/1029
Related Vulnerabilities
CVE-2021-23337 Vulnerability in npm package lodash
CVE-2020-17527 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2022-3952 Vulnerability in maven package com.manydesigns:portofino-microservice-launcher
CVE-2016-4055 Vulnerability in maven package org.webjars.bower:moment
CVE-2020-8127 Vulnerability in maven package org.webjars.bowergithub.hakimel:reveal.js