Описание
Angular Redactor XSS Vulnerability
Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035.
Пакеты
Наименование
angular-redactor
npm
Затронутые версииВерсия исправления
<= 1.1.6
Отсутствует
Связанные уязвимости
CVSS3: 6.1
nvd
больше 7 лет назад
Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035.