Lucene search
PRIOn knowledge basePRION:CVE-2018-5773HistoryJan 18, 2018 - 9:29 p.m.
Design/Logic Flaw
2018-01-1821:29:00
PRIOn knowledge base
www.prio-n.com
1
An issue was discovered in markdown2 (aka python-markdown2) through 2.3.5. The safe_mode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final ‘>’ character from an IMG tag.
| CPE | Name | Operator | Version |
|---|---|---|---|
| python-markdown2 | le | 2.3.5 |
Related
nessus
nessus
Fedora 27 : python-markdown2 (2018-e52160d0bc)
2018-10-11 00:00:00
Fedora 29 : python-markdown2 (2018-6a8028084d)
2019-01-03 00:00:00
Fedora 28 : python-markdown2 (2019-a16e1127d3)
2019-02-19 00:00:00
osv
osv
markdown2 is vulnerable to cross-site scripting
2018-07-12 20:29:21
CVE-2018-5773
2018-01-18 21:29:00
PYSEC-2018-13
2018-01-18 21:29:00
openvas
openvas
Fedora Update for python-markdown2 FEDORA-2019-a16e1127d3
2019-02-18 00:00:00
Fedora Update for python-markdown2 FEDORA-2018-e52160d0bc
2018-10-11 00:00:00
Fedora Update for python-markdown2 FEDORA-2018-dd98177cad
2018-10-11 00:00:00
nvd
nvd
CVE-2018-5773
2018-01-18 21:29:00
github
github
markdown2 is vulnerable to cross-site scripting
2018-07-12 20:29:21
fedora
fedora
[SECURITY] Fedora 29 Update: python-markdown2-2.3.6-1.fc29
2018-10-09 00:07:50
[SECURITY] Fedora 28 Update: python-markdown2-2.3.6-1.fc28
2018-10-10 22:47:15
[SECURITY] Fedora 29 Update: python-markdown2-2.3.7-1.fc29
2019-02-18 02:05:34
veracode
veracode
Cross-site Scripting (XSS)
2018-01-19 04:50:24
Cross-Site Scripting (XSS)
2020-07-07 07:40:16
cve
cve
CVE-2018-5773
2022-10-03 16:22:01
cvelist
cvelist
CVE-2018-5773
2022-10-03 16:22:01