Froala Wysiwyg-Editor vulnerabilities
4 known vulnerabilities affecting froala/wysiwyg-editor.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2021-28114P3MEDIUM≥ 0, < 3.2.72021-07-19
CVE-2021-28114 [MEDIUM] CWE-79 Cross-site Scripting in Froala WYSIWYG Editor
Cross-site Scripting in Froala WYSIWYG Editor
Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing.
ghsaosv
CVE-2024-51434P4MEDIUM≥ 0, ≤ 4.3.02024-11-08
CVE-2024-51434 [MEDIUM] CWE-79 Froala WYSIWYG editor allows cross-site scripting (XSS)
Froala WYSIWYG editor allows cross-site scripting (XSS)
Inconsistent tag parsing allows for XSS in Froala WYSIWYG editor 4.3.0 and earlier.
ghsaosv
CVE-2023-41592P4MEDIUM≥ 4.0.1, < 4.1.42023-09-15
CVE-2023-41592 [MEDIUM] CWE-79 Froala Editor Cross-site Scripting vulnerability
Froala Editor Cross-site Scripting vulnerability
Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability.
ghsaosv
CVE-2020-26523P4MEDIUM≥ 0, < 3.2.22022-05-24
CVE-2020-26523 [MEDIUM] CWE-79 Froala WYSIWYG Editor XSS Vulnerability
Froala WYSIWYG Editor XSS Vulnerability
Froala Editor before 3.2.2 allows XSS via pasted content.
ghsaosv