Description
Jodit Editor is a WYSIWYG editor written in pure TypeScript without the use of additional libraries. Jodit Editor is vulnerable to XSS attacks when pasting specially constructed input. This issue has not been fully patched. There are no known workarounds.
Remediation
References
https://securitylab.github.com/advisories/GHSL-2022-030_xdan_jodit/
Related Vulnerabilities
CVE-2022-36908 Vulnerability in maven package org.jenkins-ci.plugins:openshift-deployer
CVE-2021-21169 Vulnerability in npm package electron
CVE-2022-36033 Vulnerability in maven package org.jsoup:jsoup
CVE-2022-41254 Vulnerability in maven package org.jenkins-ci.plugins:cons3rt
CVE-2021-40111 Vulnerability in maven package org.apache.james:james-server