Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert
in a TEXTAREA element, as demonstrated by Firefox 54.0.1.
{ "github_reviewed": true, "github_reviewed_at": "2023-07-21T23:22:08Z", "nvd_published_at": "2018-01-31T18:29:00Z", "cwe_ids": [ "CWE-79" ], "severity": "MODERATE" }