simditor
npm2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting simditorpage 1 of 1
- CVE-2018-19048MEDIUMCVSS 6.1EG 6.1✓ Fixed in 2.3.222019-05-13
Simditor through 2.3.21 allows DOM XSS via an onload attribute within a malformed SVG element.
- CVE-2018-6464MEDIUMCVSS 6.1EG 6.12018-01-31
Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert in a TEXTAREA element, as demonstrated by Firefox 54.0.1.
Check whether simditor is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for simditor CVEs against the assets you own.
Start Free Scan →