exploitDog

GHSA-2jc8-q67j-9cf8

Опубликовано: 22 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

HexoEditor 1.1.8 is affected by Cross Site Scripting (XSS). By putting a common XSS payload in a markdown file, if opened with the app, will execute several times.

HexoEditor 1.1.8 is affected by Cross Site Scripting (XSS). By putting a common XSS payload in a markdown file, if opened with the app, will execute several times.

Ссылки

EPSS

Процентиль: 40%

0.00183

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-24656

CVSS3: 6.1

nvd

почти 4 года назад

HexoEditor 1.1.8 is affected by Cross Site Scripting (XSS). By putting a common XSS payload in a markdown file, if opened with the app, will execute several times.

EPSS

Процентиль: 40%

0.00183

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79