froala-editor

The next generation Javascript WYSIWYG HTML rich text editor made by devs for devs. High performance and modern design make it easy to use for developers and loved by users.

Latest 5.2.0

NPM

90%

Total Score

Maintainer Stability

Dependencies

100

Maturity

100

Supply Chain

100

Attestations

Are you affected? Scan for Free

Vulnerabilities

Title	Versions	Severity
AIKIDO-2025-10308 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. froala-editor is vulnerable to Dependency on Vulnerable Third-Party Component in versions 2.0.2 - 4.5.1.	2.0.2 - 4.5.1	Low
CVE-2024-51434 froala-editor is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 0.0.0 - 4.3.0.	0.0.0 - 4.3.0	Medium
AIKIDO-2024-10064 froala-editor is vulnerable to Cross-site Scripting (XSS) in versions 4.0.1 - 4.1.3.	4.0.1 - 4.1.3	Medium
CVE-2019-19935 froala-editor is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 0.0.0 - 3.2.3.	0.0.0 - 3.2.3	Medium
CVE-2020-22864 froala-editor is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 0.0.0 - 4.0.6.	0.0.0 - 4.0.6	Medium