Medium severity6.1NVD Advisory· Published Jan 13, 2026· Updated Apr 20, 2026
CVE-2025-15056
CVE-2025-15056
Description
A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting (XSS).
This issue affects Quill: 2.0.3.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- fluidattacks.com/advisories/diomedesnvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-v3m3-f69x-jf25ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-15056ghsaADVISORY
News mentions
0No linked articles in our index yet.