exploitDog

GHSA-vmv5-whxc-fr99

Опубликовано: 07 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting (XSS) in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button.

Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting (XSS) in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button.

Ссылки

EPSS

Процентиль: 21%

0.00066

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-60312

CVSS3: 6.1

nvd

4 месяца назад

Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting (XSS) in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button.

EPSS

Процентиль: 21%

0.00066

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79