1 results (0.002 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035. Imperavi Redactor 3 en Angular Redactor 1.1.6, cuando se emplea el modo de contenido HTML, permite Cross-Site Scripting (XSS) persistente, tal y como queda demostrado con un atributo onerror de un elemento IMG. Esto está relacionado con CVE-2018-7035. • https://github.com/TylerGarlick/angular-redactor/issues/77 https://github.com/gleez/cms/issues/796 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •