froala-editor (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package froala-editor, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2020-22864 — CVSS 6.1 (medium): A cross site scripting (XSS) vulnerability in the Insert Video function of Froala WYSIWYG Editor 3.1.0 allows attackers to execute…
CVE-2021-30109 — CVSS 6.1 (medium): Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Under certain conditions, a base64 crafted string leads to persistent…