Stevenluengo

**Name of the Vulnerable Software and Affected Versions** Summernote versions 0.8.18 and earlier **Description** The issue allows a remote attacker to execute arbitrary code via a crafted payload to the `codeview` parameter. This enables the attacker to perform actions such as executing arbitrary code on the affected system. **Recommendations** For Summernote versions 0.8.18 and earlier, as a temporary workaround, consider restricting access to the `codeview` parameter until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.