Описание
Cross-site scripting in CLEditor
Premium Software CLEditor 1.4.5 and earlier is affected by: Cross Site Scripting (XSS). The impact is: An attacker might be able to inject arbitrary html and script code into the web site. The component is: jQuery plug-in. The attack vector is: the victim must open a crafted href attribute of a link (A) element.
Пакеты
Наименование
CLEditor
nuget
Затронутые версииВерсия исправления
<= 1.4.5
Отсутствует
Связанные уязвимости
CVSS3: 6.1
nvd
больше 6 лет назад
Premium Software CLEditor 1.4.5 and earlier is affected by: Cross Site Scripting (XSS). The impact is: An attacker might be able to inject arbitrary html and script code into the web site. The component is: jQuery plug-in. The attack vector is: the victim must open a crafted href attribute of a link (A) element.