Описание
marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| node-marked | fixed | 0.3.9+dfsg-1 | package |
Примечания
https://github.com/chjj/marked/commit/cd2f6f5b7091154c5526e79b5f3bfb4d15995a51
nodejs not covered by security support
Связанные уязвимости
CVSS3: 6.1
ubuntu
около 8 лет назад
marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser.
CVSS3: 6.1
nvd
около 8 лет назад
marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser.
