Simditor XSS Vulnerability
Moderate severity
GitHub Reviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Oct 6, 2023
Description
Published by the National Vulnerability Database
Jan 31, 2018
Published to the GitHub Advisory Database
May 13, 2022
Reviewed
Jul 21, 2023
Last updated
Oct 6, 2023
Simditor v2.3.11 allows XSS via crafted use of
svg/onload=alert
in a TEXTAREA element, as demonstrated by Firefox 54.0.1.References