CVE-2024-29504 Information

Description

Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter.

Reference

https://github.com/summernote/summernote/pull/3782 https://gist.github.com/phoenix118go/a9192281efcfa518daa709ab7638712b