HTML Injection Vulnerability in Teedy v1.11 Text Editor Allows Execution of Malicious JavaScript

HTML Injection Vulnerability in Teedy v1.11 Text Editor Allows Execution of Malicious JavaScript

CVE-2023-4892 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Teedy v1.11 has a vulnerability in its text editor that allows events to be executed in HTML tags that an attacker could manipulate. Thanks to this, it is possible to execute malicious JavaScript in the webapp.

Learn more about our Web App Pen Testing.