Skip to main content

Froala Editor

6 CVEs product

Monthly

CVE-2023-43263 MEDIUM POC This Month

A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 allows attackers to execute arbitrary code via the Markdown component. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Froala Editor
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2023-42426 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE Froala Editor
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
1.1%
CVE-2023-41592 LIB MEDIUM POC PATCH This Month

Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Froala Editor
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-28114 PHP MEDIUM PATCH This Month

Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Froala Editor
NVD
CVSS 3.1
5.4
EPSS
52.0%
CVE-2021-30109 npm MEDIUM This Month

Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Froala Editor
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
1.1%
CVE-2020-26523 PHP MEDIUM PATCH This Month

Froala Editor before 3.2.2 allows XSS via pasted content. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Froala Editor
NVD
CVSS 3.1
6.1
EPSS
0.7%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 allows attackers to execute arbitrary code via the Markdown component. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Froala Editor
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE Froala Editor
NVD GitHub VulDB
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Froala Editor
NVD
EPSS 52% CVSS 5.4
MEDIUM PATCH This Month

Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Froala Editor
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Froala Editor
NVD GitHub VulDB
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Froala Editor before 3.2.2 allows XSS via pasted content. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Froala Editor
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy