CVE-2024-33300

2024-05-0100:00:00

mitre

www.cve.org

typora

markdown

xss

vulnerability

arbitrary code

AI Score

6.5

Confidence

High

EPSS

Percentile

9.0%

JSON

Typora v1.0.0 through v1.7 version (below) Markdown editor has a cross-site scripting (XSS) vulnerability, which allows attackers to execute arbitrary code by uploading Markdown files.

References

github.com/whoisoo6/Stored-xss-vulnerability-exists-in-Typra