A vulnerability in the HTML editor of Slab Quill 4.8.0 allows an attacker to execute arbitrary JavaScript by storing an XSS payload (a crafted onloadstart attribute of an IMG element) in a text field. Note: Researchers have claimed that this issue is not within the product itself, but is intended behavior in a web browser
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-04-12T20:35:07

Updated: 2024-08-03T16:45:51.393Z

Reserved: 2021-01-17T00:00:00

Link: CVE-2021-3163

cve-icon Vulnrichment

Updated: 2024-08-03T16:45:51.393Z

cve-icon NVD

Status : Modified

Published: 2021-04-12T21:15:14.340

Modified: 2024-11-21T06:21:02.183

Link: CVE-2021-3163

cve-icon Redhat

No data.