npm package
summernote
pkg:npm/summernote
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-37629 | — | <= 0.8.20 | — | Jun 12, 2024 | SummerNote v0.9.1 is vulnerable to Cross Site Scripting (XSS) via the Code View Function. | ||
| CVE-2024-29504 | — | <= 0.8.18 | — | Apr 10, 2024 | Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter. |
- CVE-2024-37629Jun 12, 2024affected <= 0.8.20
SummerNote v0.9.1 is vulnerable to Cross Site Scripting (XSS) via the Code View Function.
- CVE-2024-29504Apr 10, 2024affected <= 0.8.18
Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter.