A vulnerability in the HTML editor of Slab Quill 4.8.0 allows an attacker to execute arbitrary JavaScript by storing an XSS payload (a crafted onloadstart attribute of an IMG element) in a text field. Note: Researchers have claimed that this issue is not within the product itself, but is intended behavior in a web browser
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-04-12T20:35:07
Updated: 2024-08-03T16:45:51.393Z
Reserved: 2021-01-17T00:00:00
Link: CVE-2021-3163
Vulnrichment
Updated: 2024-08-03T16:45:51.393Z
NVD
Status : Modified
Published: 2021-04-12T21:15:14.340
Modified: 2024-11-21T06:21:02.183
Link: CVE-2021-3163
Redhat
No data.