exploitDog

GHSA-9852-mg56-6j5x

Опубликовано: 11 янв. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.6

Описание

Caret is vulnerable to an XSS attack when the user opens a crafted Markdown file when preview mode is enabled. This directly leads to client-side code execution.

Caret is vulnerable to an XSS attack when the user opens a crafted Markdown file when preview mode is enabled. This directly leads to client-side code execution.

Ссылки

EPSS

Процентиль: 59%

0.00385

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-42967

CVSS3: 7.5

nvd

около 3 лет назад

Caret is vulnerable to an XSS attack when the user opens a crafted Markdown file when preview mode is enabled. This directly leads to client-side code execution.

EPSS

Процентиль: 59%

0.00385

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79