CVE-2023-42399

Cross Site Scripting vulnerability in xdsoft.net Jodit Editor v.4.0.0-beta.86 allows a remote attacker to obtain sensitive information via the rich text editor component.
References
Link Resource
http://jodit.com Product
https://github.com/xdan/jodit/issues/1017 Third Party Advisory
https://xdsoft.net Product
Configurations

Configuration 1 (hide)

cpe:2.3:a:xdsoft:joditeditor:4.0.0:beta86:*:*:*:*:*:*

History

21 Sep 2023, 18:39

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1
CPE cpe:2.3:a:xdsoft:joditeditor:4.0.0:beta86:*:*:*:*:*:*
CWE CWE-79
First Time Xdsoft joditeditor
Xdsoft
References (MISC) http://jodit.com - (MISC) http://jodit.com - Product
References (MISC) https://xdsoft.net - (MISC) https://xdsoft.net - Product
References (MISC) https://github.com/xdan/jodit/issues/1017 - (MISC) https://github.com/xdan/jodit/issues/1017 - Third Party Advisory

19 Sep 2023, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-19 04:15

Updated : 2023-12-10 15:14


NVD link : CVE-2023-42399

Mitre link : CVE-2023-42399

CVE.ORG link : CVE-2023-42399


JSON object : View

Products Affected

xdsoft

  • joditeditor
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')