Advisories for Npm/Jsuites package

Versions of the package jsuites before 5.0.1 is vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization in the Editor() function.

jsuites is an open source collection of common required javascript web components. jsuites is vulnerable to DOM based XSS if the user can be tricked into copying anything malicious and pasting it into the html editor. This is because a part of the clipboard content is directly written to innerHTML allowing for javascript injection and thus XSS.