walidriouah/CVE-2026-30691
GitHub
Releases0
CVE-2026-30691: Stored Cross-Site Scripting (XSS) in @cyntler/react-doc-viewer
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 6.1 MEDIUM | — | ||
Cross-Site Scripting (XSS) vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode | |||