Arbitrary Code Execution through Cross-Site Scripting (XSS) in Froala WYSIWYG Editor 3.1.0

CVE-2020-22864 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

A cross site scripting (XSS) vulnerability in the Insert Video function of Froala WYSIWYG Editor 3.1.0 allows attackers to execute arbitrary web scripts or HTML.

Learn more about our Web App Pen Testing.