Prototype Pollution in Xdan Jodit
CVE-2026-54756
Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. In versions prior to 4.12.18, Jodit.configure(options) — and the internal ConfigMerge / ConfigProto helpers — merged user-supplied option…
Vulnerability class: Prototype Pollution
Affected products
- Xdan Jodit — versions < 4.12.18
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)