Parsoid
This hub aggregates every CVE we track for Parsoid, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM3
Monthly trend
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
2024-082026-07
Latest CVEs
The 3 most recently published vulnerabilities affecting Parsoid.
- CVE-2025-61638Sanitizer::validateAttributes data-XSS4.8
- CVE-2025-32699Potential javascript injection attack enabled by Unicode normalization in Action API5.3
- CVE-2021-30458An issue was discovered in Wikimedia Parsoid before 0.11.1 and 0.12.x before 0.12.2. An attacker can send crafted wikitext that Utils/WTUtils.php will transform by using a <meta> tag, bypassing san...6.1
Product normalization is registry-driven with AI assist and human review. How it works