Headline
GHSA-w974-rq9x-mh3v: Pandao Editor.md vulnerable to cross-site scripting (XSS) in iframe src parameter
Cross-site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows a remote attacker to execute arbitrary code via a crafted script in the <iframe> src parameter.
Pandao Editor.md vulnerable to cross-site scripting (XSS) in iframe src parameter
Moderate severity GitHub Reviewed Published Apr 4, 2023 to the GitHub Advisory Database • Updated Apr 4, 2023
Related news
CVE-2020-19697: XSS vulnerability found via <iframe> src attribute · Issue #701 · pandao/editor.md
Cross Site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows a remote attacker to execute arbitrary code via a crafted script in the <iframe>src parameter.