Markdown Preview Enhanced 安全漏洞

Markdown Preview Enhanced is a highly powerful markup extension developed by Yiyi Wang. Version 0.8.18 of Markdown Preview Enhanced contains a security vulnerability; this vulnerability arises from uploading specially crafted .md files, potentially allowing for the execution of arbitrary code...

EUVD-2022-48340

Malicious code in bioql PyPI...

EUVD-2023-46824

Malicious code in bioql PyPI...

GHSA-CC55-MVQC-G9MG SummerNote Cross Site Scripting Vulnerability

SummerNote 0.8.18 is vulnerable to Cross Site Scripting XSS via the Code View Function...

CVE-2024-37629

SummerNote v0.9.1 is vulnerable to Cross Site Scripting XSS via the Code View Function...

SummerNote Cross-Site Scripting Vulnerability

Summernote is a super simple WYSIWYG editor from Summernote open source. A cross-site scripting vulnerability exists in SummerNote version 0.8.18, which stems from vulnerability to cross-site scripting attacks via the code view feature...

PT-2024-27684 · Unknown · Summernote

Name of the Vulnerable Software and Affected Versions: SummerNote version 0.8.18 Description: The issue is related to Cross Site Scripting XSS via the Code View Function. This means an attacker could potentially inject malicious scripts into the code view of SummerNote, affecting users who intera...

CVE-2024-37629

SummerNote vulnerability CVE-2024-37629 impacts SummerNote in Code View mode across versions including v0.9.1 (and related advisories cite v0.8.18 in older contexts). The NVD/NVD-derived details indicate XSS due to insufficient input handling, with a CVSSv3.1 base score of 6.1 (Medium): attack ve...

CVE-2024-37629

SummerNote v0.9.1 is vulnerable to Cross Site Scripting XSS via the Code View Function...

GHSA-4WH3-3WF2-39M9 Summernote vulnerable to cross-site scripting

Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter...

PT-2024-22929 · Unknown · Summernote

Name of the Vulnerable Software and Affected Versions: Summernote versions 0.8.18 and earlier Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the codeview parameter. This enables the attacker to perform actions such as executing arbitrary code on...

Summernote 安全漏洞

Summernote is a super simple WYSIWYG editor from the Summernote open source. A security vulnerability exists in Summernote v.0.8.18 and earlier versions, which stems from the presence of a cross-site scripting vulnerability that allows remote attackers to execute arbitrary code via a crafted...

CVE-2024-29504

Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter...

Miro Desktop Code Injection Vulnerability

Miro Desktop is a desktop application for team collaboration and remote work from Miro. A code injection vulnerability exists in Miro Desktop version 0.8.18 that stems from allowing Electron code injection...

CVE-2023-42371

Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...

CVE-2023-42371

Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...

Summernote Rich Text Editor Cross-Site Scripting Vulnerability

Summernote Rich Text Editor is a rich text editor from Summernote. A cross-site scripting vulnerability exists in Summernote Rich Text Editor v.0.8.18 and prior versions, which originates from a vulnerability that could allow a remote attacker to execute arbitrary code via a crafted script in the...

PT-2022-27530 · Unknown · Drachtio-Server

Name of the Vulnerable Software and Affected Versions: drachtio-server version 0.8.18 Description: The issue is related to a use-after-free error in the event cb function within request-handler.cpp for any request. Recommendations: For drachtio-server version 0.8.18, consider disabling the event ...

CVE-2022-45473

In drachtio-server 0.8.18, /var/log/drachtio has mode 0777 and drachtio.log has mode 0666...

drachtio-server 安全漏洞

drachtio-server is a drachtio open source SIP server built on the sofia SIP stack. drachtio drachtio-server version 0.8.18 has an information disclosure vulnerability that stems from the fact that local users can retrieve sensitive data and attackers can use the vulnerability to obtain sensitive...