CVE-2019-20903

Summary

The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in link targets.

Affected Software

VendorProductVersion RangeStatus
Atlassian@atlaskit/editor-coreunspecified < 113.1.5affected

Weaknesses

  • Cross-Site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References