Search for packages
| purl | pkg:npm/froala-editor@3.0.6 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-26na-eqng-47bj
Aliases: CVE-2021-28114 GHSA-rr6v-h7m8-wc9f |
Affected by 2 other vulnerabilities. |
|
|
VCID-2gd6-6ak2-gycd
Aliases: CVE-2020-22864 GHSA-97x5-cc53-cv4v |
Affected by 2 other vulnerabilities. |
|
|
VCID-kjpz-tkzd-pkcf
Aliases: CVE-2021-30109 GHSA-cq6w-w5rj-p9x8 |
Affected by 2 other vulnerabilities. |
|
|
VCID-nkyp-rjkb-2qcc
Aliases: CVE-2024-51434 GHSA-549p-5c7f-c5p4 |
Inconsistent <plaintext> tag parsing allows for XSS in Froala WYSIWYG editor 4.3.0 and earlier. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-44qq-h434-r7gc | DOM-based cross-site scripting in Froala Editor |
CVE-2019-19935
GHSA-h236-g5gh-vq6c |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-12T19:46:16.457016+00:00 | GitLab Importer | Affected by | VCID-nkyp-rjkb-2qcc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/froala-editor/CVE-2024-51434.yml | 38.6.0 |
| 2026-06-12T17:50:04.780236+00:00 | GitLab Importer | Affected by | VCID-2gd6-6ak2-gycd | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/froala-editor/CVE-2020-22864.yml | 38.6.0 |
| 2026-06-12T17:48:57.053293+00:00 | GitLab Importer | Affected by | VCID-kjpz-tkzd-pkcf | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/froala-editor/CVE-2021-30109.yml | 38.6.0 |
| 2026-06-12T17:44:20.526493+00:00 | GitLab Importer | Affected by | VCID-26na-eqng-47bj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/froala-editor/CVE-2021-28114.yml | 38.6.0 |
| 2026-06-12T15:43:30.834848+00:00 | GitLab Importer | Fixing | VCID-44qq-h434-r7gc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/froala-editor/CVE-2019-19935.yml | 38.6.0 |