CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

B3log: >> Vditor >> 3.4.2 Security Vulnerabilities

CVE-2021-32855

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue.

CVSS Score

6.1

EPSS Score

0.004

Published

2023-02-21

CVE-2022-0350

Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13.

CVSS Score

6.1

EPSS Score

0.001

Published

2022-03-31

CVE-2022-0341

Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.12.

CVSS Score

6.6

EPSS Score

0.001

Published

2022-03-14

Page 1

Vulnerabilities

Vulnerable Software

B3log: >> Vditor >> 3.4.2 Security Vulnerabilities

Products

Pricing

Contact Us