Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:npm/froala-editor@2.0.4-1

Type npm

Namespace

Name froala-editor

Version 2.0.4-1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-26na-eqng-47bj

vulnerability_id VCID-26na-eqng-47bj

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-28114

reference_id

reference_type

scores

value	0.0057
scoring_system	epss
scoring_elements	0.69055
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-28114

reference_url

https://froala.com/wysiwyg-editor

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://froala.com/wysiwyg-editor

reference_url	https://froala.com/wysiwyg-editor/
reference_id
reference_type
scores
url	https://froala.com/wysiwyg-editor/

reference_url	https://labs.bishopfox.com/advisories
reference_id
reference_type
scores
url	https://labs.bishopfox.com/advisories

reference_url

https://labs.bishopfox.com/advisories/froala-editor-v3.2.6

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://labs.bishopfox.com/advisories/froala-editor-v3.2.6

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-28114

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-28114

reference_url	https://github.com/advisories/GHSA-rr6v-h7m8-wc9f
reference_id	GHSA-rr6v-h7m8-wc9f
reference_type
scores
url	https://github.com/advisories/GHSA-rr6v-h7m8-wc9f

fixed_packages

url pkg:npm/froala-editor@3.2.7

purl pkg:npm/froala-editor@3.2.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gd6-6ak2-gycd

vulnerability	VCID-nkyp-rjkb-2qcc

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/froala-editor@3.2.7

aliases CVE-2021-28114, GHSA-rr6v-h7m8-wc9f

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-26na-eqng-47bj

url VCID-2gd6-6ak2-gycd

vulnerability_id VCID-2gd6-6ak2-gycd

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-22864

reference_id

reference_type

scores

value	0.00358
scoring_system	epss
scoring_elements	0.58414
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-22864

reference_url

https://github.com/418sec/wysiwyg-editor/pull/1

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/418sec/wysiwyg-editor/pull/1

reference_url

https://github.com/froala/wysiwyg-editor

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/froala/wysiwyg-editor

reference_url

https://github.com/froala/wysiwyg-editor/issues/3880

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/froala/wysiwyg-editor/issues/3880

reference_url

https://github.com/froala/wysiwyg-editor/pull/3911

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/froala/wysiwyg-editor/pull/3911

reference_url

https://github.com/froala/wysiwyg-editor/releases/tag/v4.0.11

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/froala/wysiwyg-editor/releases/tag/v4.0.11

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-22864

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-22864

reference_url

https://www.youtube.com/watch?v=WE3b1iSnWJY

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.youtube.com/watch?v=WE3b1iSnWJY

reference_url	https://github.com/advisories/GHSA-97x5-cc53-cv4v
reference_id	GHSA-97x5-cc53-cv4v
reference_type
scores
url	https://github.com/advisories/GHSA-97x5-cc53-cv4v

fixed_packages

url pkg:npm/froala-editor@4.0.11

purl pkg:npm/froala-editor@4.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dteb-y9ag-rqb5

vulnerability	VCID-nkyp-rjkb-2qcc

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/froala-editor@4.0.11

aliases CVE-2020-22864, GHSA-97x5-cc53-cv4v

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2gd6-6ak2-gycd

url VCID-44qq-h434-r7gc

vulnerability_id VCID-44qq-h434-r7gc

summary DOM-based cross-site scripting in Froala Editor

references

reference_url

http://packetstormsecurity.com/files/158300/Froala-WYSIWYG-HTML-Editor-3.1.1-Cross-Site-Scripting.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/158300/Froala-WYSIWYG-HTML-Editor-3.1.1-Cross-Site-Scripting.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19935

reference_id

reference_type

scores

value	0.02161
scoring_system	epss
scoring_elements	0.84654
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19935

reference_url

https://blog.compass-security.com/2020/07/yet-another-froala-0-day-xss

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://blog.compass-security.com/2020/07/yet-another-froala-0-day-xss

reference_url	https://blog.compass-security.com/2020/07/yet-another-froala-0-day-xss/
reference_id
reference_type
scores
url	https://blog.compass-security.com/2020/07/yet-another-froala-0-day-xss/

reference_url

https://compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2020-004_DOM_XSS_in_Froala_WYSIWYG_HTML_Editor.txt

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2020-004_DOM_XSS_in_Froala_WYSIWYG_HTML_Editor.txt

reference_url

https://froala.com/wysiwyg-editor/changelog/#3.2.3

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://froala.com/wysiwyg-editor/changelog/#3.2.3

reference_url

https://github.com/froala/wysiwyg-editor/compare/v3.0.5...v3.0.6

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/froala/wysiwyg-editor/compare/v3.0.5...v3.0.6

reference_url

https://github.com/froala/wysiwyg-editor-release

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/froala/wysiwyg-editor-release

reference_url

https://snyk.io/vuln/npm:froala-editor

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/npm:froala-editor

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-19935

reference_id

CVE-2019-19935

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-19935

reference_url

https://github.com/advisories/GHSA-h236-g5gh-vq6c

reference_id

GHSA-h236-g5gh-vq6c

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h236-g5gh-vq6c

fixed_packages

url pkg:npm/froala-editor@3.0.6

purl pkg:npm/froala-editor@3.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26na-eqng-47bj

vulnerability	VCID-2gd6-6ak2-gycd

vulnerability	VCID-kjpz-tkzd-pkcf

vulnerability	VCID-nkyp-rjkb-2qcc

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/froala-editor@3.0.6

url pkg:npm/froala-editor@3.2.3

purl pkg:npm/froala-editor@3.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26na-eqng-47bj

vulnerability	VCID-2gd6-6ak2-gycd

vulnerability	VCID-kjpz-tkzd-pkcf

vulnerability	VCID-nkyp-rjkb-2qcc

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/froala-editor@3.2.3

aliases CVE-2019-19935, GHSA-h236-g5gh-vq6c

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44qq-h434-r7gc

url VCID-kjpz-tkzd-pkcf

vulnerability_id VCID-kjpz-tkzd-pkcf

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-30109

reference_id

reference_type

scores

value	0.0031
scoring_system	epss
scoring_elements	0.54595
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-30109

reference_url

https://github.com/froala/wysiwyg-editor-release

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/froala/wysiwyg-editor-release

reference_url

https://github.com/Hackdwerg/CVE-2021-30109/blob/main/README.md

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/Hackdwerg/CVE-2021-30109/blob/main/README.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-30109

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-30109

reference_url	https://github.com/advisories/GHSA-cq6w-w5rj-p9x8
reference_id	GHSA-cq6w-w5rj-p9x8
reference_type
scores
url	https://github.com/advisories/GHSA-cq6w-w5rj-p9x8

fixed_packages

url pkg:npm/froala-editor@3.2.7

purl pkg:npm/froala-editor@3.2.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gd6-6ak2-gycd

vulnerability	VCID-nkyp-rjkb-2qcc

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/froala-editor@3.2.7

aliases CVE-2021-30109, GHSA-cq6w-w5rj-p9x8

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kjpz-tkzd-pkcf

url VCID-nkyp-rjkb-2qcc

vulnerability_id VCID-nkyp-rjkb-2qcc

summary Inconsistent <plaintext> tag parsing allows for XSS in Froala WYSIWYG editor 4.3.0 and earlier.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-51434

reference_id

reference_type

scores

value	0.005
scoring_system	epss
scoring_elements	0.66426
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-51434

reference_url

https://georgyg.com/home/froala-wysiwyg-editor---xss-cve-2024-51434

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://georgyg.com/home/froala-wysiwyg-editor---xss-cve-2024-51434

reference_url

https://github.com/froala/wysiwyg-editor

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/froala/wysiwyg-editor

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-51434

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-51434

reference_url

https://georgyg.com/home/froala-wysiwyg-editor---xss-cve-2024-51434/

reference_id

froala-wysiwyg-editor---xss-cve-2024-51434

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-08T16:29:42Z/

url

https://georgyg.com/home/froala-wysiwyg-editor---xss-cve-2024-51434/

reference_url	https://github.com/advisories/GHSA-549p-5c7f-c5p4
reference_id	GHSA-549p-5c7f-c5p4
reference_type
scores
url	https://github.com/advisories/GHSA-549p-5c7f-c5p4

fixed_packages

aliases CVE-2024-51434, GHSA-549p-5c7f-c5p4

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nkyp-rjkb-2qcc

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/froala-editor@2.0.4-1

Package Instance