Описание
Cross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477, allows remote attackers to execute arbirary code via crafted payload or opening malicious .md file.
Ссылки
- Patch
- ExploitIssue TrackingThird Party Advisory
- Patch
- Patch
- ExploitIssue TrackingThird Party Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 2019-10-27 (исключая)
cpe:2.3:a:jbt:live_\(github-flavored\)_markdown_editor:*:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00047
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 2 лет назад
Cross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477, allows remote attackers to execute arbirary code via crafted payload or opening malicious .md file.
EPSS
Процентиль: 14%
0.00047
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79