Skip to main content

Quill Mention

1 CVEs product

Monthly

CVE-2023-26149 npm MEDIUM POC PATCH This Month

Versions of the package quill-mention before 4.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization, via the renderList function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Quill Mention
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

Versions of the package quill-mention before 4.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization, via the renderList function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Quill Mention
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy