GHSA-hh56-x62g-gvhc

Source

https://github.com/advisories/GHSA-hh56-x62g-gvhc

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/07/GHSA-hh56-x62g-gvhc/GHSA-hh56-x62g-gvhc.json

Aliases

CVE-2019-1010113

Published

2019-07-26T16:10:06Z

Modified

2023-11-08T04:00:40.723401Z

Details

Premium Software CLEditor 1.4.5 and earlier is affected by: Cross Site Scripting (XSS). The impact is: An attacker might be able to inject arbitrary html and script code into the web site. The component is: jQuery plug-in. The attack vector is: the victim must open a crafted href attribute of a link (A) element.

References

https://nvd.nist.gov/vuln/detail/CVE-2019-1010113
https://drive.google.com/drive/folders/1UxgdL8SJO6KKnG3bh0-LTl7C6i41VwoW?usp=sharing

Affected packages

NuGet / CLEditor

Package

Name: CLEditor

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Last affected

1.4.5

Affected versions

1.*

1.3.0

1.4.1

1.4.3

1.4.4

1.4.5