exploitDog

GHSA-vcxq-cq58-3vpv

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.6

Описание

Mark Text through 0.16.3 allows attackers arbitrary command execution. This could lead to Remote Code Execution (RCE) by opening .md files containing a mutation Cross Site Scripting (XSS) payload.

Mark Text through 0.16.3 allows attackers arbitrary command execution. This could lead to Remote Code Execution (RCE) by opening .md files containing a mutation Cross Site Scripting (XSS) payload.

Ссылки

EPSS

Процентиль: 87%

0.0322

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-29996

CVSS3: 9.6

nvd

почти 5 лет назад

Mark Text through 0.16.3 allows attackers arbitrary command execution. This could lead to Remote Code Execution (RCE) by opening .md files containing a mutation Cross Site Scripting (XSS) payload.

EPSS

Процентиль: 87%

0.0322

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79