CVE-2020-18336

2023-10-1000:00:00

mitre

www.cve.org

cve-2020-18336

cross site scripting

typora v0.9.65

pdf export

sensitive information

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.3%

JSON

Cross Site Scripting (XSS) vulnerability found in Typora v.0.9.65 allows a remote attacker to obtain sensitive information via the PDF file exporting function.

References

github.com/typora/typora-issues/issues/2232