jodit
npm3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting joditpage 1 of 1
- CVE-2022-23461MEDIUMCVSS 5.4EG 6.12022-09-24
Jodit Editor is a WYSIWYG editor written in pure TypeScript without the use of additional libraries. Jodit Editor is vulnerable to XSS attacks when pasting specially constructed input. This issue has not been fully patched. There are no kn…
- CVE-2023-42399MEDIUMCVSS 6.1EG 6.12023-09-19
vulnerable: 4.0.0-beta.86
Cross Site Scripting vulnerability in xdsoft.net Jodit Editor v.4.0.0-beta.86 allows a remote attacker to obtain sensitive information via the rich text editor component.
- CVE-2026-55886MEDIUMCVSS 6.3EG 6.3✓ Fixed in 4.12.262026-06-18
Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. Versions prior to 4.12.26 are vulnerable to Prototype Pollution through Jodit.modules.Helpers.set(chain, value, obj), which walks the dot…
Check whether jodit is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for jodit CVEs against the assets you own.
Start Free Scan →