CVE-2023-30792
Published
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
Anchor tag hrefs in Lexical prior to v0.10.0 would render javascript: URLs, allowing for cross-site scripting on link clicks in cases where input was being parsed from untrusted sources.
Lexical is an extensible text editor framework that provides excellent reliability, accessibility and performance.
GitHub