23 matches found
CVE-2026-43979
Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService.markdowntohtml constructs an HTML document by interpolating user-controlled values — specifically title sourced from research.title or research.query and metadata key-value pairs —...
CVE-2026-43979
CVE-2026-43979 affects Local Deep Research. Before 1.6.0, PDFService._markdown_to_html() embeds user-supplied title and metadata into HTML without escaping, allowing HTML injection in the PDF export flow. This can chain into SSRF via WeasyPrint when rendering the PDF, bypassing existing SSRF defe...
CVE-2026-43979
Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService.markdowntohtml constructs an HTML document by interpolating user-controlled values — specifically title sourced from research.title or research.query and metadata key-value pairs —...
CVE-2026-43979 Local Deep Research: HTML Injection via Unescaped User Input in PDF Export (`pdf_service.py:_markdown_to_html`)
Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService.markdowntohtml constructs an HTML document by interpolating user-controlled values — specifically title sourced from research.title or research.query and metadata key-value pairs —...
Local Deep Research 安全漏洞
Local Deep Research is an AI search assistant developed by LearningCircuit. Versions prior to 1.6.0 of Local Deep Research contained a security vulnerability. This vulnerability stemmed from PDFService.markdowntohtml not properly escaping user-controlled values, allowing authentication attackers ...
GHSA-JV8M-2544-3PG3 Twig: HTML-output filters in twig/* extras incorrectly declared `is_safe => ['all']`
Description Several filters in the twig/ extras packages are registered with issafe = 'all', which tells Twig's autoescaper to treat their output as safe in every context html, js, css, url, .... The output of these filters is plain text or HTML markup, neither of which is safe in every escaping...
Twig: HTML-output filters in twig/* extras incorrectly declared `is_safe => ['all']`
Description Several filters in the twig/ extras packages are registered with issafe = 'all', which tells Twig's autoescaper to treat their output as safe in every context html, js, css, url, .... The output of these filters is plain text or HTML markup, neither of which is safe in every escaping...
PT-2026-42631
Description Several filters in the twig/ extras packages are registered with is safe = 'all', which tells Twig's autoescaper to treat their output as safe in every context html, js, css, url, .... The output of these filters is plain text or HTML markup, neither of which is safe in every escaping...
Cross-site Scripting (XSS)
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Scripting XSS in the markDownToHTML function. An attacker can execute arbitrary JavaScript in the context of another user's browser session by crafting ...
EUVD-2025-201710
In affected versions, vulnerability-lookup handled user-controlled content in comments and bundles in an unsafe way, which could lead to stored Cross-Site Scripting XSS. On the backend, the relatedvulnerabilities field of bundles accepted arbitrary strings without format validation or proper...
CVE-2025-42620
In affected versions, vulnerability-lookup handled user-controlled content in comments and bundles in an unsafe way, which could lead to stored Cross-Site Scripting XSS. On the backend, the relatedvulnerabilities field of bundles accepted arbitrary strings without format validation or proper...
CVE-2025-42620
The CVE-2025-42620 issue affects Vulnerability-Lookup prior to 2.18.0. The root cause is unsafe handling of user-controlled content in comments and bundles: the backend’s related_vulnerabilities field accepts unvalidated strings, while the frontend converts Markdown to HTML and injects it into th...
PT-2025-49551
In affected versions, vulnerability-lookup handled user-controlled content in comments and bundles in an unsafe way, which could lead to stored Cross-Site Scripting XSS. On the backend, the related vulnerabilities field of bundles accepted arbitrary strings without format validation or proper...
CVE-2025-60312
Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting XSS in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button...
CVE-2025-60312
Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting XSS in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button...
CVE-2025-60312
Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting XSS in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button...
SourceCodester Markdown to HTML Converter 安全漏洞
SourceCodester Markdown to HTML Converter is an open source markdown to html converter from SourceCodester. A security vulnerability exists in SourceCodester Markdown to HTML Converter v1.0, which stems from the Markdown Input field being vulnerable to cross-site scripting attacks that could lead...
CVE-2025-60312
Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting XSS in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button...
Malicious code in markdown-to-html (NuGet)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-2922 Malicious code in markdown-to-html (NuGet)
--- -= Per source details. Do not edit below this line.=-...