Lucene search
GoogleOSV:GHSA-9CW2-JQP5-7X39HistoryAug 31, 2020 - 10:52 p.m.
Multiple Content Injection Vulnerabilities in marked
2020-08-3122:52:52
Google
osv.dev
6
marked
cross-site scripting
vulnerabilities
gfm codeblocks
javascript urls
upgrade
software
EPSS
0.002
Percentile
64.5%
Versions 0.3.0 and earlier of marked are affected by two cross-site scripting vulnerabilities, even when sanitize: true is set.
The attack vectors for this vulnerability are GFM Codeblocks and JavaScript URLs.
Recommendation
Upgrade to version 0.3.1 or later.
Related
prion
prion
Design/Logic Flaw
2020-01-06 20:15:00
Cross site scripting
2020-01-06 20:15:00
nodejs
nodejs
Multiple Content Injection Vulnerabilities
2015-10-17 19:41:46
nvd
nvd
CVE-2014-1850
2020-01-06 20:15:11
CVE-2014-3743
2020-01-06 20:15:11
cve
cve
CVE-2014-1850
2020-01-06 20:15:11
CVE-2014-3743
2020-01-06 20:15:11
cvelist
cvelist
CVE-2014-1850
2020-01-06 19:40:59
CVE-2014-3743
2020-01-06 19:41:04
debiancve
debiancve
CVE-2014-3743
2020-01-06 20:15:11
ubuntucve
ubuntucve
CVE-2014-3743
2020-01-06 00:00:00
github
github
Multiple Content Injection Vulnerabilities in marked
2020-08-31 22:52:52
securityvulns
securityvulns