2025-04-04 05:00:11
snyk
PUBLISHED
All versions of the package react-draft-wysiwyg are vulnerable to Cross-site Scripting (XSS) via the Embedded button which will then result in saving the payload in the tag.</p> </div> </div> </div> </div> </div> </div> </div> <footer> <div class="container py-4 py-lg-10"> <hr> <div class="text-muted d-flex justify-content-between align-items-center pt-3" style="text-align: center;"> <p class="mb-10"><center>Copyright © 2026 eXtreme Hosting</center></p> <p class="mb-10"><center><a href="/gdpr/">Privacy Policy GDPR/AVG</a> | <a href="/algemene-voorwaarden/">Algemene voorwaarden</a></center></p> </div> </div> </footer> <script src="/template/assets/bootstrap/js/bootstrap.min.js"></script> <script src="/template/assets/js/startup-modern.js"></script> </body> </html><img style="display: none;" src="https://telemetry.extremehosting.nl/Analy/?api=0C44A78F-C43E-4700-990A-0F40CE4B4A51&dtt=1746954019&urr=https://extremehosting.nl/cve/cve-details/CVE-2025-3191" />