Описание
Typora v1.0.0 through v1.7 version (below) Markdown editor has a cross-site scripting (XSS) vulnerability, which allows attackers to execute arbitrary code by uploading Markdown files.
Уязвимые конфигурации
Конфигурация 1Версия от 1.0.0 (включая) до 1.7.0 (включая)
cpe:2.3:a:typora:typora:*:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00178
Низкий
7.3 High
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 7.3
github
почти 2 года назад
Typora v1.0.0 through v1.7 version (below) Markdown editor has a cross-site scripting (XSS) vulnerability, which allows attackers to execute arbitrary code by uploading Markdown files.
EPSS
Процентиль: 39%
0.00178
Низкий
7.3 High
CVSS3
Дефекты
CWE-79