CVE-2020-23849
npm/jsoneditor
Cross-site Scripting
Stored XSS was discovered in the tree mode of jsonedit through injecting and executing JavaScript.
All versions starting from 8.6.6 before 9.0.2
Upgrade to version 9.0.2 or above.
2021-01-15
source |