Skip to main content
CVE-2021-31712 MEDIUM POC PATCH This Month

react-draft-wysiwyg (aka React Draft Wysiwyg) before 1.14.6 allows a javascript: URi in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS React Draft Wysiwyg
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2021-31794 MEDIUM This Month

Settings.aspx?view=About in Directum 5.8.2 allows XSS via the HTTP User-Agent header. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Directum
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy