Zettlr is the most comprehensive editor for professionally editing Markdown files. version 2.3.0 of Zettlr is vulnerable to an input validation error, which stems from the fact that the application has no CSP policy and does not properly validate content before rendering markdown files, which could be exploited by an attacker to view arbitrary files locally.
CPE | Name | Operator | Version |
---|---|---|---|
zettlr zettlr | eq | 2.3.0 |