4 matches found
CVE-2019-19596
GitBook through 2.6.9 allows XSS via a local .md file...
CVE-2019-19596
creationtimestamp| type| source ---|---|--- 2024-03-07 14:37:13+00:00| seen| https://t.me/ctinow/202439...
@zambezi/ez-doc (=1.0.0-prepare-for-open-source.1), apigeeks-devdocs (=1.0.5) +10 more potentially affected by CVE-2019-19596 via gitbook (>=0.0.1 <=2.6.6)
gitbook NPM version =0.0.1, =1.0.3, =0.0.1, =0.0.0, =0.0.2, =0.0.1, =1.5.0 - grunt-gitbook-install =1.0.0 - lab-devdocs =0.0.1 Source cves: CVE-2019-19596 Source advisory: OSV:GHSA-HWGP-C653-6684...
CVE-2019-19596
The connected documents confirm CVE-2019-19596 affects GitBook up to version 2.6.9 and is a Cross‑Site Scripting (XSS) vulnerability triggered by a local .md file being rendered, enabling attacker‑controlled script to execute in the victim’s browser. Root cause details, affected environments, or ...