summernote

vulnerability cross-site scripting (xss)
severity 4.3
language javascript
registry npm

Overview

summernote is a super simple WYSIWYG Editor.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript with object decoding such as <script>alert(1)</script> resulting in XSS.

References