CVE-2024-47061
- EPSS 0.1%
- Veröffentlicht 20.09.2024 19:15:16
- Zuletzt bearbeitet 26.09.2024 13:32:55
Plate is a javascript toolkit that makes it easier for you to develop with Slate, a popular framework for building text editors. One longstanding feature of Plate is the ability to add custom DOM attributes to any element or leaf using the `attribute...
CVE-2024-40631
- EPSS 0.43%
- Veröffentlicht 15.07.2024 19:15:03
- Zuletzt bearbeitet 21.11.2024 09:31:23
Plate media is an open source, rich-text editor for React. Editors that use `MediaEmbedElement` and pass custom `urlParsers` to the `useMediaState` hook may be vulnerable to XSS if a custom parser allows `javascript:`, `data:` or `vbscript:` URLs to ...
CVE-2023-34245
- EPSS 0.5%
- Veröffentlicht 09.06.2023 18:15:09
- Zuletzt bearbeitet 21.11.2024 08:06:51
@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the `javascript:` scheme. As a result, l...