CVE-2023-26140

Published August 16th, 2023

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Versions of the package @excalidraw/excalidraw from 0.0.0 are vulnerable to Cross-site Scripting (XSS) via embedded links in whiteboard objects due to improper input sanitization.

excalidraw/excalidraw

Virtual whiteboard for sketching hand-drawn like diagrams

GitHub

125K