Moderate severityNVD Advisory· Published Jun 12, 2024· Updated Oct 7, 2025
CVE-2024-37629
CVE-2024-37629
Description
SummerNote v0.9.1 is vulnerable to Cross Site Scripting (XSS) via the Code View Function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
summernotenpm | <= 0.8.20 | — |
Affected products
2- SummerNote/SummerNotedescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-cc55-mvqc-g9mgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-37629ghsaADVISORY
- github.com/summernote/summernote/issues/4642ghsaWEB
- grumpz.net/cve-2024-37629-simple-xss-payload-exploits-0day-vulnerability-in-10000-web-appsghsaWEB
- github.com/summernote/summernote/releases/tag/v0.9.1mitre
News mentions
0No linked articles in our index yet.