CVE-2021-32855

Name of the Vulnerable Software and Affected Versions Vditor versions prior to 3.8.7

Description Vditor is a browser-side Markdown editor. The issue at hand is a copy-paste cross-site scripting (XSS) problem. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor.

Recommendations For versions prior to 3.8.7, update to version 3.8.7 to resolve the issue. As a temporary workaround, consider restricting the use of the text editor until the patch is applied.