31 matches found
CVE-2019-12136
There is XSS in BoostIO Boostnote 0.11.15 via a label named mermaid, as demonstrated by a crafted SRC attribute of an IFRAME element...
CVE-2019-12184
There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136...
EUVD-2020-11820
Malware in sbrugna...
EUVD-2018-5376
Malware in sbrugna...
EUVD-2019-3833
Malware in sbrugna...
EUVD-2019-3787
Malware in sbrugna...
CVE-2020-19924
In Boostnote 0.12.1, exporting to PDF contains opportunities for XSS attacks...
BoostIO Boostnote Cross-Site Scripting Vulnerability
BoostIO Boostnote is a Markdown editor that supports multiple platforms. Boostnote 0.12.1 suffers from a cross-site scripting vulnerability that stems from an export to PDF containing an opportunity for XSS attacks. No detailed vulnerability details are provided at this time...
CVE-2020-19924
In Boostnote 0.12.1, exporting to PDF contains opportunities for XSS attacks...
CVE-2020-19924
In Boostnote 0.12.1, exporting to PDF contains opportunities for XSS attacks...
Cross site scripting
In Boostnote 0.12.1, exporting to PDF contains opportunities for XSS attacks...
CVE-2020-19924
Boostnote 0.12.1 exports to PDF and exposes a cross-site scripting (XSS) vulnerability. Primary sources (CVE entries and mirrors in Red Hat/CNVD/OSV/CVE catalogs) consistently describe an XSS risk arising during PDF export, but do not provide concrete exploit vectors, affected subcomponents, or a...
CVE-2020-19924
In Boostnote 0.12.1, exporting to PDF contains opportunities for XSS attacks...
BoostIO Boostnote 跨站脚本漏洞
BoostIO Boostnote is a Markdown editor that supports multiple platforms. Boostnote 0.12.1 suffers from a cross-site scripting vulnerability that stems from an export to PDF containing an opportunity for XSS attacks. No detailed vulnerability details are provided at this time...
Cross site scripting
There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136...
CVE-2019-12184
There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136...
CVE-2019-12184
There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136...
CVE-2019-12184
There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136...
CVE-2019-12184
CVE-2019-12184 affects BoostIO Boostnote 0.11.15. The vulnerability is an XSS in browser/components/MarkdownPreview.js triggered via a label named flowchart, sequence, gallery, or chart, demonstrated by a crafted SRC attribute of an IFRAME element. The connected Red Hat CVE-2019-12184 entry mirro...
CVE-2019-12136
There is XSS in BoostIO Boostnote 0.11.15 via a label named mermaid, as demonstrated by a crafted SRC attribute of an IFRAME element...