GHSA-hvpq-7vcc-5hj5

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-hvpq-7vcc-5hj5/GHSA-hvpq-7vcc-5hj5.json
Aliases
  • CVE-2023-41592
Published
2023-09-15T00:30:29Z
Modified
2023-09-20T22:35:11.646149Z
Details

Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability.

References

Affected packages

Packagist / froala/wysiwyg-editor

Source Details

Package Name
froala/wysiwyg-editor

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.0.1
Last affected
4.1.1

Affected versions

v4.*

v4.0.1
v4.0.2
v4.0.3
v4.0.4
v4.0.5
v4.0.6
v4.0.7
v4.0.8
v4.0.9
v4.0.10
v4.0.11
v4.0.12
v4.0.13
v4.0.14
v4.0.15
v4.0.16
v4.0.17
v4.0.18
v4.0.19
v4.1.0
v4.1.1

Ecosystem specific 

{
    "affected_functions": [
        ""
    ]
}