CVE-2018-19056

2018-11-0715:29:00

Google

osv.dev

0.001 Low

EPSS

Percentile

28.0%

JSON

pandao Editor.md 1.5.0 has DOM XSS via input starting with a “<<” substring, which is mishandled during construction of an A element.

CPENameOperatorVersion
editor.mdeq1.1.1
editor.mdeq1.1.2
editor.mdeq1.4.0
editor.mdeq1.5.0
editor.mdeq1.4.1
editor.mdeq1.1.9
editor.mdeq1.1.6
editor.mdeq1.1.5
editor.mdeq1.4.5
editor.mdeq1.1.4

Name	Operator	Version
editor.md	eq	1.1.1
editor.md	eq	1.1.2
editor.md	eq	1.4.0
editor.md	eq	1.5.0
editor.md	eq	1.4.1
editor.md	eq	1.1.9
editor.md	eq	1.1.6
editor.md	eq	1.1.5
editor.md	eq	1.4.5
editor.md	eq	1.1.4

Rows per page:

1-10 of 201

References

github.com/pandao/editor.md/issues/634

0.001 Low

EPSS

Percentile

28.0%

JSON

Related for OSV:CVE-2018-19056