Advisories for Npm/Summernote package

2024

SummerNote Cross Site Scripting Vulnerability

SummerNote 0.8.18 is vulnerable to Cross Site Scripting (XSS) via the Code View Function.

Summernote vulnerable to cross-site scripting

Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter.