Skip to main content

Summernote

2 CVEs product

Monthly

CVE-2024-37629 npm MEDIUM POC This Month

SummerNote v0.9.1 is vulnerable to Cross Site Scripting (XSS) via the Code View Function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Summernote
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2024-29504 npm HIGH POC This Week

Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Summernote
NVD GitHub
CVSS 3.1
7.6
EPSS
0.7%
EPSS 0% CVSS 6.1
MEDIUM POC This Month

SummerNote v0.9.1 is vulnerable to Cross Site Scripting (XSS) via the Code View Function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Summernote
NVD GitHub
EPSS 1% CVSS 7.6
HIGH POC This Week

Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Summernote
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy