{
  "id": "CVE-2024-34449",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-05-03T16:15:11.520",
  "lastModified": "2024-08-02T03:15:41.763",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [
    {
      "sourceIdentifier": "cve@mitre.org",
      "tags": [
        "disputed"
      ]
    }
  ],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vditor 3.10.3 allows XSS via an attribute of an A element. NOTE: the vendor indicates that a user is supposed to mitigate this via sanitize=true."
    },
    {
      "lang": "es",
      "value": "Vditor 3.10.3 permite XSS a trav\u00e9s de un atributo de un elemento A. NOTA: el proveedor indica que se supone que un usuario debe mitigar esto mediante sanitize=true."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/Vanessa219/vditor/blob/b3a14d6e4462b0c17141e1fcc66173264ada64e0/README_en_US.md?plain=1#L310",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://github.com/Vanessa219/vditor/issues/1604",
      "source": "cve@mitre.org"
    }
  ]
}