Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross-site Scripting (XSS)
Vulnerability Description
The package grapesjs before 0.19.5 are vulnerable to Cross-site Scripting (XSS) due to an improper sanitization of the class name in Selector Manager.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
grapesjs 跨站脚本漏洞
Vulnerability Description
grapesjs是意大利Artur Arseniev个人开发者的一个免费和开源的 Web Builder 框架。有助于更u200bu200b快、更轻松地构建 HTML 模板,以便在网站、新闻通讯或移动应用程序中交付。 grapesjs 0.19.5之前版本存在安全漏洞,该漏洞源于Selector Manager中的类名过滤不当。攻击者利用该漏洞执行跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A