Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

31 matches found

NVD
NVDadded 2019/05/16 3:29 a.m.7 views

CVE-2019-12136

There is XSS in BoostIO Boostnote 0.11.15 via a label named mermaid, as demonstrated by a crafted SRC attribute of an IFRAME element...

5.4CVSS5.1AI score0.00191EPSS
Exploits1References1
Prion
Prionadded 2019/05/16 3:29 a.m.11 views

Cross site scripting

There is XSS in BoostIO Boostnote 0.11.15 via a label named mermaid, as demonstrated by a crafted SRC attribute of an IFRAME element...

3.5CVSS5.1AI score0.00191EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2019/05/16 2:55 a.m.40 views

CVE-2019-12136

BoostIO Boostnote 0.11.15 is affected by CVE-2019-12136. The vulnerability is an XSS in the UI when processing a label named mermaid, exploitable via a crafted SRC attribute of an IFRAME element. The issue originates from Boostnote’s rendering path for this label, enabling injection of malicious ...

5.4CVSS5.1AI score0.00191EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2019/05/16 2:55 a.m.8 views

CVE-2019-12136

There is XSS in BoostIO Boostnote 0.11.15 via a label named mermaid, as demonstrated by a crafted SRC attribute of an IFRAME element...

5.2AI score0.00191EPSS
Exploits1References1
CNVD
CNVDadded 2019/05/15 12:0 a.m.1 views

Boostnote cross-site scripting vulnerability (CNVD-2019-14706)

Boostnote is an application for writing code snippets. The program supports writing JavaScript, Python, HTML and CSS in several languages and has an autosave feature. A cross-site scripting vulnerability exists in Boostnote version 0.11.15, which stems from the failure of the WEB application to...

5.4CVSS6.5AI score0.00191EPSS
Exploits1References1
CNVD
CNVDadded 2018/07/18 12:0 a.m.2 views

Boostnote Cross-Site Scripting Vulnerability

Boostnote is an application for writing code snippets. The program supports writing JavaScript, Python, HTML and CSS in several languages and has an autosave feature. A cross-site scripting vulnerability exists in Boostnote version 0.11.7. A remote attacker can exploit this vulnerability to injec...

6.1CVSS6.1AI score0.0024EPSS
Exploits1References1
Prion
Prionadded 2018/07/08 12:29 p.m.12 views

Design/Logic Flaw

Boostnote v0.11.7 allows XSS during highlighting of Markdown text, as demonstrated by an onerror attribute of an IMG element...

4.3CVSS6AI score0.0024EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2018/07/08 12:29 p.m.11 views

CVE-2018-13433

Boostnote v0.11.7 allows XSS during highlighting of Markdown text, as demonstrated by an onerror attribute of an IMG element...

6.1CVSS6AI score
Exploits0References1
NVD
NVDadded 2018/07/08 12:29 p.m.7 views

CVE-2018-13433

Boostnote v0.11.7 allows XSS during highlighting of Markdown text, as demonstrated by an onerror attribute of an IMG element...

6.1CVSS6.1AI score0.0024EPSS
Exploits1References1
Cvelist
Cvelistadded 2018/07/08 12:0 p.m.9 views

CVE-2018-13433

Boostnote v0.11.7 allows XSS during highlighting of Markdown text, as demonstrated by an onerror attribute of an IMG element...

6.1AI score0.0024EPSS
Exploits1References1
CVE
CVEadded 2018/07/08 12:0 p.m.67 views

CVE-2018-13433

CVE-2018-13433 affects Boostnote v0.11.7, where XSS is possible during Markdown highlighting, demonstrated via an onerror attribute on an IMG element. The connected sources confirm the vulnerability pattern but do not provide explicit exploit details, affected versions beyond v0.11.7, or remediat...

6.1CVSS6AI score0.0024EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder