Cross-Site Scripting Vulnerability in React Draft Wysiwyg by JPuri
CVE-2021-31712
5.4MEDIUM
What is CVE-2021-31712?
A vulnerability in React Draft Wysiwyg before version 1.14.6 allows an attacker to exploit a JavaScript URI within a link target when a draft is shared among users. This can lead to execution of arbitrary JavaScript code in the context of the user’s session, posing significant risks for data integrity and security.
