CVE-2020-27666

Published October 22nd, 2020

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

1

PROJECT

Description

Strapi before 3.2.5 has stored XSS in the wysiwyg editor's preview feature.

🚀 Strapi is the leading open-source headless CMS. It’s 100% JavaScript/TypeScript, fully customizable, and developer-first.

GitHub

72.3K