Description
Jodit Editor is a WYSIWYG editor written in pure TypeScript without the use of additional libraries. Jodit Editor is vulnerable to cross-site scripting (XSS) when specially constructed input is pasted into the editor. This issue has not been fully patched. There are no known workarounds.
Remediation
References
https://securitylab.github.com/advisories/GHSL-2022-030_xdan_jodit/