5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.4%
Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_markdown.plugin.php in b2evolution before 6.8.5 allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL.
b2evolution.net/downloads/6-8-5
www.securityfocus.com/bid/95704
github.com/b2evolution/b2evolution/commit/ce5b36e44b714b18b0bcd34c6db0187b8d13bab8