NodeJS/quill/1.3.7

Your powerful, rich text editor

Repo Link: https://www.npmjs.com/package/quill
License: BSD-3-Clause

1 Security Vulnerabilities

Cross-site Scripting in quill

Published date: 2021-05-10T15:38:12Z

CVE: CVE-2021-3163

Links:

A vulnerability in the HTML editor of Slab Quill allows an attacker to execute arbitrary JavaScript by storing an XSS payload (a crafted onloadstart attribute of an IMG element) in a text field. No patch exists and no further releases are planned.

This CVE is disputed. Researchers have claimed that this issue is not within the product itself, but is intended behavior in a web browser. More information can be found here.

Affected versions: ["0.1.0", "0.1.1", "0.1.2", "0.1.4", "0.1.5", "0.1.5-1", "0.19.0", "0.19.1", "0.19.2", "0.19.3", "0.19.4", "0.19.5", "0.19.7", "0.19.8", "0.19.10", "0.19.11", "0.19.12", "0.19.14", "0.20.0", "0.20.1", "1.0.0-beta.0", "1.0.0-beta.1", "1.0.0-beta.2", "1.0.0-beta.3", "1.0.0-beta.4", "1.0.0-beta.5", "1.0.0-beta.6", "1.0.0-beta.8", "1.0.0-beta.9", "1.0.0-beta.10", "1.0.0-beta.11", "1.0.0-rc.0", "1.0.0-rc.1", "1.0.0-rc.2", "1.0.0-rc.3", "1.0.0-rc.4", "1.0.0", "1.0.2", "1.0.3", "1.0.4", "1.0.6", "1.1.0", "1.1.1", "1.1.2", "1.1.3", "1.1.5", "1.1.6", "1.1.7", "1.1.8", "1.1.9", "1.1.10", "1.2.0", "1.2.1", "1.2.2", "1.2.3", "1.2.4", "1.2.5", "1.2.6", "1.3.0", "1.3.1", "1.3.2", "1.3.3", "1.3.4", "1.3.5", "1.3.6", "1.3.7"]

Secure versions: [2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, 2.0.0-rc.0, 2.0.0-rc.1, 2.0.0-rc.2, 2.0.0-rc.3, 2.0.0-rc.4, 2.0.0-rc.5, 2.0.0, 2.0.1]

Recommendation: Update to version 2.0.1.

77 Other Versions

Version	License	Security	Released
2.0.1	BSD-3-Clause		2024-05-01 - 09:11	3 days
2.0.0	BSD-3-Clause		2024-04-17 - 00:45	17 days
2.0.0-rc.5	BSD-3-Clause		2024-04-04 - 13:36	29 days
2.0.0-rc.4	BSD-3-Clause		2024-03-24 - 04:43	about 1 month
2.0.0-rc.3	BSD-3-Clause		2024-03-16 - 02:46	about 2 months
2.0.0-rc.2	BSD-3-Clause		2024-02-15 - 08:05	3 months
2.0.0-rc.1	BSD-3-Clause		2024-02-12 - 04:37	3 months
2.0.0-rc.0	BSD-3-Clause		2024-02-03 - 06:08	3 months
2.0.0-beta.2	BSD-3-Clause		2024-01-30 - 10:38	3 months
2.0.0-beta.1	BSD-3-Clause		2024-01-21 - 14:50	3 months
2.0.0-beta.0	BSD-3-Clause		2023-12-08 - 01:40	5 months
1.3.7	BSD-3-Clause	1	2019-09-09 - 07:15	over 4 years
1.3.6	BSD-3-Clause	2	2018-03-12 - 06:39	about 6 years
1.3.5	BSD-3-Clause	2	2018-01-22 - 19:24	over 6 years
1.3.4	BSD-3-Clause	2	2017-11-06 - 07:36	over 6 years
1.3.3	BSD-3-Clause	2	2017-10-09 - 06:02	over 6 years
1.3.2	BSD-3-Clause	2	2017-09-04 - 03:18	over 6 years
1.3.1	BSD-3-Clause	2	2017-08-07 - 09:04	over 6 years
1.3.0	BSD-3-Clause	2	2017-07-17 - 06:03	almost 7 years
1.2.6	BSD-3-Clause	2	2017-06-05 - 17:21	almost 7 years
1.2.5	BSD-3-Clause	2	2017-05-29 - 04:56	almost 7 years
1.2.4	BSD-3-Clause	2	2017-04-18 - 03:44	about 7 years
1.2.3	BSD-3-Clause	2	2017-03-29 - 04:14	about 7 years
1.2.2	BSD-3-Clause	2	2017-02-27 - 09:28	about 7 years
1.2.1	BSD-3-Clause	2	2017-02-27 - 05:10	about 7 years
1.2.0	BSD-3-Clause	2	2017-01-21 - 09:21	over 7 years
1.1.10	BSD-3-Clause	2	2017-01-16 - 01:22	over 7 years
1.1.9	BSD-3-Clause	2	2017-01-02 - 04:54	over 7 years
1.1.8	BSD-3-Clause	2	2016-12-23 - 09:10	over 7 years
1.1.7	BSD-3-Clause	2	2016-12-13 - 08:45	over 7 years
1.1.6	BSD-3-Clause	2	2016-12-08 - 18:36	over 7 years
1.1.5	BSD-3-Clause	2	2016-11-07 - 22:57	over 7 years
1.1.3	BSD-3-Clause	2	2016-10-24 - 21:00	over 7 years
1.1.2	BSD-3-Clause	2	2016-10-24 - 00:37	over 7 years
1.1.1	BSD-3-Clause	2	2016-10-21 - 00:57	over 7 years
1.1.0	BSD-3-Clause	2	2016-10-17 - 03:13	over 7 years
1.0.6	BSD-3-Clause	2	2016-09-30 - 00:03	over 7 years
1.0.4	BSD-3-Clause	2	2016-09-19 - 01:01	over 7 years
1.0.3	BSD-3-Clause	2	2016-09-07 - 22:38	over 7 years
1.0.2	BSD-3-Clause	2	2016-09-07 - 07:03	over 7 years
1.0.0	BSD-3-Clause	2	2016-09-06 - 16:01	over 7 years
1.0.0-rc.4	BSD-3-Clause	2	2016-08-31 - 18:34	over 7 years
1.0.0-rc.3	BSD-3-Clause	2	2016-08-29 - 23:08	over 7 years
1.0.0-rc.2	BSD-3-Clause	2	2016-08-23 - 22:00	over 7 years
1.0.0-rc.1	BSD-3-Clause	2	2016-08-23 - 05:39	over 7 years
1.0.0-rc.0	BSD-3-Clause	2	2016-08-18 - 07:19	over 7 years
1.0.0-beta.11	BSD-3-Clause	2	2016-08-03 - 21:10	over 7 years
1.0.0-beta.10	BSD-3-Clause	2	2016-08-03 - 03:26	almost 8 years
1.0.0-beta.9	BSD-3-Clause	2	2016-07-19 - 00:24	almost 8 years
1.0.0-beta.8	BSD-3-Clause	2	2016-07-08 - 04:54	almost 8 years
1.0.0-beta.6	BSD-3-Clause	2	2016-06-21 - 00:20	almost 8 years
1.0.0-beta.5	BSD-3-Clause	2	2016-06-14 - 02:41	almost 8 years
1.0.0-beta.4	BSD-3-Clause	2	2016-06-03 - 05:56	almost 8 years
1.0.0-beta.3	BSD-3-Clause	2	2016-05-25 - 03:36	almost 8 years
1.0.0-beta.2	BSD-3-Clause	2	2016-05-15 - 05:08	almost 8 years
1.0.0-beta.1	BSD-3-Clause	2	2016-05-10 - 00:53	almost 8 years
1.0.0-beta.0	BSD-3-Clause	2	2016-05-03 - 19:18	about 8 years
0.20.1	BSD-3-Clause	2	2015-11-11 - 07:53	over 8 years
0.20.0	BSD-3-Clause	2	2015-07-27 - 23:01	almost 9 years
0.19.14	BSD-3-Clause	2	2015-06-16 - 23:52	almost 9 years
0.19.12	BSD-3-Clause	2	2015-05-08 - 23:31	almost 9 years
0.19.11	BSD-3-Clause	2	2015-04-25 - 23:59	about 9 years
0.19.10	BSD-3-Clause	2	2015-03-20 - 07:26	about 9 years
0.19.8	BSD-3-Clause	2	2014-12-09 - 06:20	over 9 years
0.19.7	BSD-3-Clause	2	2014-11-25 - 02:30	over 9 years
0.19.5	BSD-3-Clause	2	2014-11-24 - 00:41	over 9 years
0.19.4	BSD-3-Clause	2	2014-11-16 - 22:53	over 9 years
0.19.3	BSD-3-Clause	2	2014-11-10 - 03:03	over 9 years
0.19.2	BSD-3-Clause	2	2014-11-08 - 01:55	over 9 years
0.19.1	BSD-3-Clause	2	2014-11-07 - 18:41	over 9 years
0.19.0	BSD-3-Clause	2	2014-11-07 - 05:15	over 9 years
0.1.5	BSD-3-Clause	2	2012-03-27 - 21:12	about 12 years
0.1.5-1	BSD-3-Clause	2	2012-03-28 - 00:37	about 12 years
0.1.4	BSD-3-Clause	2	2012-03-25 - 17:02	about 12 years
0.1.2	BSD-3-Clause	2	2012-03-25 - 16:20	about 12 years
0.1.1	BSD-3-Clause	2	2012-03-25 - 16:12	about 12 years
0.1.0	BSD-3-Clause	2	2012-03-25 - 16:10	about 12 years