Filtered by vendor Slab Subscriptions
Filtered by product Quill Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-3163 1 Slab 1 Quill 2024-11-21 6.1 Medium
A vulnerability in the HTML editor of Slab Quill 4.8.0 allows an attacker to execute arbitrary JavaScript by storing an XSS payload (a crafted onloadstart attribute of an IMG element) in a text field. Note: Researchers have claimed that this issue is not within the product itself, but is intended behavior in a web browser