quill
npm2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting quillpage 1 of 1
- CVE-2021-3163MEDIUMCVSS 6.1EG 4.22021-04-12
A vulnerability in the HTML editor of Slab Quill 4.8.0 allows an attacker to execute arbitrary JavaScript by storing an XSS payload (a crafted onloadstart attribute of an IMG element) in a text field. Note: Researchers have claimed that th…
- CVE-2025-15056MEDIUMCVSS 6.1EG 6.12026-01-13
vulnerable: 2.0.3
A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting (XSS). This issue affects Quill: 2.0.3.
Check whether quill is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for quill CVEs against the assets you own.
Start Free Scan →