Vulnerabilities > Quill Mention

DATE CVE VULNERABILITY TITLE RISK
2023-09-28 CVE-2023-26149 Cross-site Scripting vulnerability in Quill-Mention Quill Mention
Versions of the package quill-mention before 4.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization, via the renderList function.
network
low complexity
quill-mention CWE-79
6.1