Browse Security Advisories
Moderate Security Advisories for froala-editor in npm
Froala WYSIWYG editor allows cross-site scripting (XSS)
11 months ago
Severity: Moderate
Ecosystems: packagist, npm
Packages: froala/wysiwyg-editor, froala-editor