Lucene search
Adam BaldwinNODEJS:22HistoryOct 17, 2015 - 7:41 p.m.
Multiple Content Injection Vulnerabilities
2015-10-1719:41:46
Adam Baldwin
www.npmjs.com
17
0.002 Low
EPSS
Percentile
64.7%
Overview
Versions 0.3.0 and earlier of marked are affected by two cross-site scripting vulnerabilities, even when sanitize: true is set.
The attack vectors for this vulnerability are GFM Codeblocks and JavaScript URLs.
Recommendation
Upgrade to version 0.3.1 or later.
References
Related
prion
prion
Design/Logic Flaw
2020-01-06 20:15:00
Cross site scripting
2020-01-06 20:15:00
osv
osv
Multiple Content Injection Vulnerabilities in marked
2020-08-31 22:52:52
cve
cve
CVE-2014-1850
2020-01-06 20:15:11
CVE-2014-3743
2020-01-06 20:15:11
nvd
nvd
CVE-2014-1850
2020-01-06 20:15:11
CVE-2014-3743
2020-01-06 20:15:11
cvelist
cvelist
CVE-2014-1850
2020-01-06 19:40:59
CVE-2014-3743
2020-01-06 19:41:04
debiancve
debiancve
CVE-2014-3743
2020-01-06 20:15:11
github
github
Multiple Content Injection Vulnerabilities in marked
2020-08-31 22:52:52
ubuntucve
ubuntucve
CVE-2014-3743
2020-01-06 00:00:00
securityvulns
securityvulns