Количество 2
Количество 2
CVE-2022-23474
около 3 лет назад
Editor.js is a block-style editor with clean JSON output. Versions prior to 2.26.0 are vulnerable to Code Injection via pasted input. The processHTML method passes pasted input into wrapper’s innerHTML. This issue is patched in version 2.26.0.
CVSS3: 6.1
EPSS: Низкий
GHSA-6mvj-2569-3mcm
больше 1 года назад
Editor.js vulnerable to Code Injection
CVSS3: 6.1
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-23474 Editor.js is a block-style editor with clean JSON output. Versions prior to 2.26.0 are vulnerable to Code Injection via pasted input. The processHTML method passes pasted input into wrapper’s innerHTML. This issue is patched in version 2.26.0. | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
| GHSA-6mvj-2569-3mcm Editor.js vulnerable to Code Injection | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу
20