wangEditor was discovered to contain a cross-site scripting (XSS) vulnerability via the image upload function
There is a cross-site scripting (XSS) issue in wangEditor via the image upload function in version 4.7.11. This issue has been fixed in version 4.7.12.