Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2021-30109

Date: April 5, 2021

Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Under certain conditions, a base64 crafted string leads to persistent Cross-site scripting (XSS) vulnerability within the hyperlink creation module.

Language: JS

Severity Score

Related Resources (4)

https://github.com/Hackdwerg/CVE-2021-30109/blob/main/README.md
http://froala.com
https://nvd.nist.gov/vuln/detail/CVE-2021-30109
https://www.mend.io/vulnerability-database/CVE-2021-30109

Severity Score

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

CVSS v3

Base Score:
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE

Do you need more information?

Contact Us