Cross-site Scripting in docsify

🗓️ 18 May 2021 01:18:53Reported by GitHub Advisory DatabaseType

docsify version 4.11.4 XSS vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 20
Cvelist	CVE-2020-7680	20 Jul 202015:22	–	cvelist
Cvelist	CVE-2021-23342 Cross-site Scripting (XSS)	19 Feb 202116:35	–	cvelist
Node.js	Cross-Site Scripting (XSS)	18 May 202101:58	–	nodejs
Node.js	Cross-Site Scripting (XSS)	1 Mar 202119:50	–	nodejs
OSV	Cross-site Scripting in docsify	18 May 202101:53	–	osv
OSV	CVE-2020-7680	20 Jul 202016:15	–	osv
OSV	CVE-2021-23342	19 Feb 202117:15	–	osv
OSV	Docsify XSS Vulnerability	1 Mar 202119:44	–	osv
NVD	CVE-2020-7680	20 Jul 202016:15	–	nvd
NVD	CVE-2021-23342	19 Feb 202117:15	–	nvd

Vulners

Node

docsifyjs docsifyRange<4.11.4

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-7680
github	www.github.com/docsifyjs/docsify/issues/1126
github	www.github.com/docsifyjs/docsify/pull/1128
snyk	www.snyk.io/vuln/SNYK-JS-DOCSIFY-567099
packetstormsecurity	www.packetstormsecurity.com/files/158515/Docsify.js-4.11.4-Cross-Site-Scripting.html
packetstormsecurity	www.packetstormsecurity.com/files/161495/docsify-4.11.6-Cross-Site-Scripting.html
seclists	www.seclists.org/fulldisclosure/2021/Feb/71
github	www.github.com/advisories/GHSA-qpqh-46qj-vwcw

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 May 2021 01:53Current

6.1Medium risk

Vulners AI Score6.1

CVSS24.3

CVSS36.1

EPSS0.03742

CWE-79