Skip to main content

React Draft Wysiwyg

1 CVEs product

Monthly

CVE-2021-31712 npm MEDIUM POC PATCH This Month

react-draft-wysiwyg (aka React Draft Wysiwyg) before 1.14.6 allows a javascript: URi in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS React Draft Wysiwyg
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

react-draft-wysiwyg (aka React Draft Wysiwyg) before 1.14.6 allows a javascript: URi in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS React Draft Wysiwyg
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy