CVE-2022-21802
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in npm/grapesjs
Identifiers
CVE-2022-21802
Package Slug
npm/grapesjs
Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description
The package grapesjs before 0.19.5 is vulnerable to Cross-site Scripting (XSS) due to an improper sanitization of the class name in Selector Manager.
Affected Versions
All versions before 0.19.5
Solution
Upgrade to version 0.19.5 or above.
Last Modified
2022-07-29
| source |