3 matches found
CVE-2021-25993
creationtimestamp| type| source ---|---|--- 2021-12-29 20:31:17+00:00| seen| https://t.me/cibsecurity/34745...
CVE-2021-25993 Requarks wiki.js - Stored Cross-Site Scripting (XSS) in markdown editor
In Requarks wiki.js, versions 2.0.0-beta.147 to 2.5.255 are affected by Stored XSS vulnerability, where a low privileged editor user can upload a SVG file that contains malicious JavaScript while uploading assets in the page. That will send the JWT tokens to the attacker’s server and will lead to...
CVE-2021-25993
The CVE-2021-25993 entry documents a Stored XSS vulnerability in Requarks wiki.js (versions 2.0.0-beta.147 to 2.5.255). A low-privileged editor can upload an SVG containing malicious JavaScript during asset uploads, causing JWTs to be sent to the attacker server and potentially leading to account...