CodiMD Security Vulnerabilities

CodiMD is a real-time collaborative note-taking application open-sourced by HackMD. A security vulnerability exists in CodiMD version 2.5.3 that stems from a lack of authentication and access control vulnerability that allows an unauthenticated attacker to gain unauthorized access to uploaded ima...

Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...