CVE-2022-21802
npm/grapesjs
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The package grapesjs before 0.19.5 is vulnerable to Cross-site Scripting (XSS) due to an improper sanitization of the class name in Selector Manager.
All versions before 0.19.5
Upgrade to version 0.19.5 or above.
2022-07-29
source |