Vulnerabilities > Froala

DATE CVE VULNERABILITY TITLE RISK
2023-09-27 CVE-2023-43263 Cross-site Scripting vulnerability in Froala Editor 4.1.1
A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 allows attackers to execute arbitrary code via the Markdown component.
network
low complexity
froala CWE-79
6.1
2023-09-25 CVE-2023-42426 Cross-site Scripting vulnerability in Froala Editor 4.1.1
Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component.
network
low complexity
froala CWE-79
6.1
2023-09-14 CVE-2023-41592 Cross-site Scripting vulnerability in Froala Editor
Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability.
network
low complexity
froala CWE-79
5.4
2021-10-26 CVE-2020-22864 Cross-site Scripting vulnerability in Froala Editor 3.1.0
A cross site scripting (XSS) vulnerability in the Insert Video function of Froala WYSIWYG Editor 3.1.0 allows attackers to execute arbitrary web scripts or HTML.
network
low complexity
froala CWE-79
6.1
2021-07-16 CVE-2021-28114 Cross-site Scripting vulnerability in Froala Editor
Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing.
network
low complexity
froala CWE-79
5.4
2021-04-05 CVE-2021-30109 Cross-site Scripting vulnerability in Froala Editor 3.2.6
Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS).
network
low complexity
froala CWE-79
6.1
2020-10-02 CVE-2020-26523 Cross-site Scripting vulnerability in Froala Editor
Froala Editor before 3.2.2 allows XSS via pasted content.
network
low complexity
froala CWE-79
6.1
2020-07-07 CVE-2019-19935 Cross-site Scripting vulnerability in Froala Editor
Froala Editor before 3.2.3 allows XSS.
network
low complexity
froala CWE-79
6.1