CNNVD-202512-1569 Information

CNNVD ID

CNNVD-202512-1569

Related CVE

CVE-2025-14284

• CNNVD Published: 2025-12-09

Description (Chinese)

Tiptap Editor是Tiptap开源的一个文本编辑器框架。 Tiptap Editor 2.10.4之前版本存在安全漏洞，该漏洞源于未清理用户输入，可能导致跨站脚本攻击。

Description (English)

Tiptap Editor is a text editor framework for the Tiptap open source. There was a security loophole in the previous version of Tiptap Editor 2.10.4, which originated from uncleaned user input and could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Tiptap

Published

2025-12-09

Last Modified

2026-02-24

References

https://gist.github.com/th4s1s/3d1b6cd3e7257b14947242f712ec6e1f https://github.com/ueberdosis/tiptap/commit/1c2fefe3d61ab1c8fbaa6d6b597251e1b6d9aaed https://github.com/ueberdosis/tiptap/releases/tag/v2.10.4 https://security.snyk.io/vuln/SNYK-JS-TIPTAPEXTENSIONLINK-14222197

Patch

https://github.com/ueberdosis/tiptap/releases