Описание
A cross-site scripting (XSS) vulnerability exists in Znote 0.5.2. An attacker can insert payloads, and the code execution will happen immediately on markdown view mode.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- Product
- ExploitIssue TrackingThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:znote:znote:0.5.2:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.0032
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
A cross-site scripting (XSS) vulnerability exists in Znote 0.5.2. An attacker can insert payloads, and the code execution will happen immediately on markdown view mode.
EPSS
Процентиль: 55%
0.0032
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79