VYPR
Low severityNVD Advisory· Published Jul 2, 2020· Updated Aug 4, 2024

Cross-site Scripting in OctoberPotential self-XSS when pasting content from malicious websites

CVE-2020-4061

Description

In October from version 1.0.319 and before version 1.0.467, pasting content copied from malicious websites into the Froala richeditor could result in a successful self-XSS attack. This has been fixed in 1.0.467.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
october/backendPackagist
>= 1.0.319, < 1.0.4671.0.467

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.