Vulnerability CVE-2019-19935


Published: 2020-07-07

Description:
Froala Editor before 3.0.6 allows XSS.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Froala WYSIWYG HTML Editor 3.1.1 Cross Site Scripting
Emanuel Duss
05.07.2020

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
http://packetstormsecurity.com/files/158300/Froala-WYSIWYG-HTML-Editor-3.1.1-Cross-Site-Scripting.html
https://github.com/froala/wysiwyg-editor/compare/v3.0.5...v3.0.6

Copyright 2020, cxsecurity.com

 

Back to Top