CVE-2018-19048 (simditor)

Simditor through 2.3.21 allows DOM XSS via an onload attribute within a malformed SVG element.
Source: NIST
CVE-2018-19048 (simditor)