You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Version
@vueup/vue-quill version [e.g. 1.0.0-beta.5]
Describe the bug
The VueNP Quill editor is currently using Quill ≤ 1.3.7, which has a moderate security vulnerability (CVE-2021-41173) related to Cross-site Scripting (XSS).
This vulnerability may allow attackers to execute malicious scripts in users' browsers.
Since no official fix is available for Quill ≤ 1.3.7, it's crucial to explore alternative solutions.
To Reproduce
Steps to reproduce the behavior:
Install VueNP Quill in a Vue project.
Run npm audit or npm ls quill to check the Quill version.
Observe that Quill ≤ 1.3.7 is installed, which contains the XSS vulnerability.
Expected behavior
VueNP Quill should be updated to use newer and securre Quill version 2.0.2.
The text was updated successfully, but these errors were encountered:
Version
@vueup/vue-quill version [e.g. 1.0.0-beta.5]
Describe the bug
The VueNP Quill editor is currently using Quill ≤ 1.3.7, which has a moderate security vulnerability (CVE-2021-41173) related to Cross-site Scripting (XSS).
To Reproduce
Steps to reproduce the behavior:
Expected behavior
VueNP Quill should be updated to use newer and securre Quill version 2.0.2.
The text was updated successfully, but these errors were encountered: