Back to search
CVE-2025-15056
Published: Jan 13, 2026
Modified: Apr 20, 2026
PUBLISHED
Description
A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting (XSS). This issue affects Quill: 2.0.3.
| Vendor | Product | Versions |
|---|---|---|
Slab | Quill | affected 2.0.3 |
Weaknesses (CWE)
References
https://fluidattacks.com/advisories/diomedes
third-party-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now