exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2024-21535

больше 1 года назад

Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.

CVSS3: 6.1

EPSS: Низкий

CVE-2024-21535

больше 1 года назад

Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.

CVSS3: 6.1

EPSS: Низкий

CVE-2024-21535

больше 1 года назад

Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.

CVSS3: 6.1

EPSS: Низкий

CVE-2024-21535

больше 1 года назад

Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to ...

CVSS3: 6.1

EPSS: Низкий

GHSA-4wx3-54gh-9fr9

больше 1 года назад

Cross site scripting in markdown-to-jsx

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-21535 Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.	CVSS3: 6.1	0% Низкий	больше 1 года назад
CVE-2024-21535 Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.	CVSS3: 6.1	0% Низкий	больше 1 года назад
CVE-2024-21535 Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.	CVSS3: 6.1	0% Низкий	больше 1 года назад
CVE-2024-21535 Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to ...	CVSS3: 6.1	0% Низкий	больше 1 года назад
GHSA-4wx3-54gh-9fr9 Cross site scripting in markdown-to-jsx	CVSS3: 6.1	0% Низкий	больше 1 года назад

Уязвимостей на страницу