Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2023/08/31 12:0 a.m.18 views

FreeBSD : py-markdown2 -- XSS vulnerability (cf6f3465-e996-4672-9458-ce803f29fdb7)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cf6f3465-e996-4672-9458-ce803f29fdb7 advisory. - python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match...

6.1CVSS6.1AI score0.01868EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2020/05/29 12:0 a.m.13 views

Fedora: Security Advisory for python-markdown2 (FEDORA-2020-3864f32b3d)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.3AI score0.01868EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/05/12 12:0 a.m.21 views

openSUSE Security Update : python-markdown2 (openSUSE-2020-651)

This update for python-markdown2 fixes the following issues : - CVE-2020-11888: Fixed unsanitized input for cross-site scripting boo1171379 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2020-651. The...

6.1CVSS6AI score0.01868EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/05/12 12:0 a.m.16 views

openSUSE: Security Advisory for python-markdown2 (openSUSE-SU-2020:0651-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.3AI score0.01868EPSS
Exploits1References2
OSV
OSV
added 2020/05/11 12:19 p.m.5 views

OPENSUSE-SU-2020:0651-1 Security update for python-markdown2

This update for python-markdown2 fixes the following issues: - CVE-2020-11888: Fixed unsanitized input for cross-site scripting boo1171379...

6.1CVSS6AI score0.01868EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2020/04/22 8:59 p.m.5 views

aequitas (>=0.26.0 <=0.42.0), ax (>=0.39.0 <=0.52.0) +27 more potentially affected by CVE-2020-11888 via markdown2 (>=2.3.0 <=2.3.8)

markdown2 PYPI version =2.3.0, =0.26.0, =0.39.0, =0.1.0, =0.5.29, =3.8.3, =0.0.1, =0.4.1, =0.0.1, =0.7.0a1, =0.2.2, =0.4.0rc1590080566 and more Source cves: CVE-2020-11888 Source advisory: OSV:GHSA-FV3H-8X5J-PVGQ...

6.1CVSS6.3AI score0.01868EPSS
Exploits1
OSV
OSV
added 2020/04/20 4:15 p.m.1 views

DEBIAN-CVE-2020-11888

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS5.9AI score0.01868EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2020/04/20 4:15 p.m.19 views

CVE-2020-11888

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS6.3AI score0.01868EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2020/04/20 4:15 p.m.4 views

aequitas (>=0.26.0 <=0.42.0), ax (>=0.39.0 <=0.52.0) +27 more potentially affected by CVE-2020-11888 via markdown2 (>=2.3.0 <=2.3.8)

markdown2 PYPI version =2.3.0, =0.26.0, =0.39.0, =0.1.0, =0.5.29, =3.8.3, =0.0.1, =0.4.1, =0.0.1, =0.7.0a1, =0.2.2, =0.4.0rc1590080566 and more Source cves: CVE-2020-11888 Source advisory: OSV:PYSEC-2020-65...

6.1CVSS6.3AI score0.01868EPSS
Exploits1
OSV
OSV
added 2020/04/20 4:15 p.m.6 views

UBUNTU-CVE-2020-11888

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS5.8AI score0.01868EPSS
Exploits1References3
CVE
CVE
added 2020/04/20 3:48 p.m.176 views

CVE-2020-11888

CVE-2020-11888 affects python-markdown2 up to version 2.3.8, where XSS is possible due to mishandling of element names (e.g., elementname@ or elementname- with an onclick attribute). The provided connected documents indicate that later updates (e.g., 2.3.9) include XSS fixes, and openSUSE/Fedora ...

6.1CVSS5.7AI score0.01868EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder