46 matches found
CVE-2022-24123
MarkText through 0.16.3 does not sanitize the input of a mermaid block before rendering. This could lead to Remote Code Execution via a .md file containing a mutation Cross-Site Scripting XSS payload...
CVE-2022-24123
MarkText through 0.16.3 does not sanitize the input of a mermaid block before rendering. This could lead to Remote Code Execution via a .md file containing a mutation Cross-Site Scripting XSS payload...
Cross site scripting
MarkText through 0.16.3 does not sanitize the input of a mermaid block before rendering. This could lead to Remote Code Execution via a .md file containing a mutation Cross-Site Scripting XSS payload...
CVE-2022-24123
CVE-2022-24123 affects MarkText up to version 0.16.3, where input in a mermaid block is not sanitized before rendering. This can lead to Remote Code Execution via a mutation XSS payload in a Markdown file. The available connected documents confirm the issue and its risk posture (network-based, hi...
CVE-2022-24123
MarkText through 0.16.3 does not sanitize the input of a mermaid block before rendering. This could lead to Remote Code Execution via a .md file containing a mutation Cross-Site Scripting XSS payload...
MarkText 跨站脚本漏洞
MarkText is a simple and elegant open source Markdown editor focused on speed and usability. A security vulnerability exists in MarkText that could lead to remote code execution via .md files containing mutated cross-site scripting XSS payloads...