CVE-2023-42399: Jodit Editor vulnerable to cross-site scripting

September 19, 2023 (updated September 21, 2023)

Cross Site Scripting vulnerability in xdsoft.net Jodit Editor v.4.0.0-beta.86 allows a remote attacker to obtain sensitive information via the rich text editor component.

References

github.com/advisories/GHSA-95xr-cq6h-vwr3
github.com/xdan/jodit/issues/1017
nvd.nist.gov/vuln/detail/CVE-2023-42399

Code Behaviors & Features

Detect and mitigate CVE-2023-42399 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →