vueup / vue-quill

Rich Text Editor Component for Vue 3.
https://vueup.github.io/vue-quill/
MIT License
1.13k stars 282 forks source link

Moderate severity vulnerability #404

Closed Jacobtims closed 1 year ago

Jacobtims commented 1 year ago

Version @vueup/vue-quill version 1.2.0

Describe the bug @vueup/vue-quill 1.2.0 depends on version <=1.3.7 of quill, which contains a security vulnerability.

Severity: moderate
Cross-site Scripting in quill - https://github.com/advisories/GHSA-4943-9vgg-gr5r
No fix available
node_modules/quill
  @vueup/vue-quill  *
  Depends on vulnerable versions of quill
  node_modules/@vueup/vue-quill

More info about the vulnerability here: https://github.com/advisories/GHSA-4943-9vgg-gr5r

stale[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

OleksiiMalitskyi commented 1 year ago

I'm still having a problem with focus loss. Overflow propertis not behaving correctly.