Advisories for Npm/Froala-Editor package

Inconsistent tag parsing allows for XSS in Froala WYSIWYG editor 4.3.0 and earlier.

Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability.

Froala Editor before 3.2.3 allows XSS.

A cross site scripting (XSS) vulnerability in the Insert Video function of Froala WYSIWYG Editor 3.1.0 allows attackers to execute arbitrary web scripts or HTML.

Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Under certain conditions, a base64 crafted string leads to persistent Cross-site scripting (XSS) vulnerability within the hyperlink creation module.

Froala WYSIWYG Edit is affected by XSS due to a namespace confusion during parsing.