PT-2023-5610 · Froala · Froala Editor

B0Marek · Published 2023-09-26 · Updated 2023-09-29 · CVE-2023-43263

CVSS v2.0: 6.4 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Froala Editor version 4.1.1

Description

A Cross-site scripting (XSS) issue exists due to insufficient protection of the web page structure. This allows a remote attacker to execute arbitrary code via the Markdown component of the Froala Editor.

Recommendations

For Froala Editor version 4.1.1, consider disabling the Markdown component as a temporary workaround until a patch is available. Restrict access to the Markdown feature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Weakness Enumeration

Related Identifiers

BDU:2023-06265
CVE-2023-43263

Affected Products

Froala Editor