CVE-2023-42426

CVE-2023-42426CVE-2023-42426

froala / froala_editor

Description

Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component.

Scoring

CVSS 6.1 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Last modified2026-07-05
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.