112 matches found
[SECURITY] Fedora 35 Update: python-markdown2-2.4.2-1.fc35
Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...
Description of the security update for SharePoint Server 2019: August 10, 2021 (KB5002000)
Description of the security update for SharePoint Server 2019: August 10, 2021 KB5002000 Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see the Microsoft Common Vulnerabilities and Exposures CVE-2021-36940. Note: ...
[SECURITY] Fedora 34 Update: python-markdown2-2.4.0-1.fc34
Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...
CVE-2021-30074
docsify 4.12.1 is affected by Cross Site Scripting XSS because the search component does not appropriately encode Code Blocks and mishandles the " character...
CVE-2021-30074
docsify 4.12.1 is affected by Cross Site Scripting XSS because the search component does not appropriately encode Code Blocks and mishandles the " character...
Cross site scripting
docsify 4.12.1 is affected by Cross Site Scripting XSS because the search component does not appropriately encode Code Blocks and mishandles the " character...
CVE-2021-30074
docsify 4.12.1 is affected by Cross Site Scripting XSS because the search component does not appropriately encode Code Blocks and mishandles the " character...
CVE-2021-30074
CVE-2021-30074 affects docsify 4.12.1 and earlier, with a Cross Site Scripting (XSS) vulnerability in the search component due to improper encoding of code blocks and mishandling of the quote character. The issue is documented across multiple sources (GHSA, Red Hat, OSV, CVE records) and confirms...
docsify 跨站脚本漏洞
docsify is a documentation website generator. A cross-site scripting vulnerability exists in docsify 4.12.1, which stems from the search component not properly coding code blocks and incorrectly handling "characters"...
CVE-2021-21383 XSS in Wiki.js
Wiki.js an open-source wiki app built on Node.js. Wiki.js before version 2.5.191 is vulnerable to stored cross-site scripting through mustache expressions in code blocks. This vulnerability exists due to mustache expressions being parsed by Vue during content injection even though it is contained...
DEBIAN-CVE-2020-26237
Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow use...
CVE-2020-26237
Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow use...
UBUNTU-CVE-2020-26237
Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow use...
CVE-2020-26237
Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow use...
Cross-site Scripting (XSS)
Overview markdown-it-prism is a The plugin will insert the necessary markup into all code blocks. Include one of Prism’s stylesheets in your HTML to get highlighted code. Affected versions of this package are vulnerable to Cross-site Scripting XSS. It is possible to insert malicious JavaScript as...
GHSA-9CW2-JQP5-7X39 Multiple Content Injection Vulnerabilities in marked
Versions 0.3.0 and earlier of marked are affected by two cross-site scripting vulnerabilities, even when sanitize: true is set. The attack vectors for this vulnerability are GFM Codeblocks and JavaScript URLs. Recommendation Upgrade to version 0.3.1 or later...
Code Blocks 20.03 - Denial Of Service Exploit
Exploit Title: Code Blocks 20.03 - Denial Of Service PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/20.03/Windows/codeblocks-20.03-setup.exe/download Exploit Author: Paras Bhatia Vulnerable Software: Code Blocks...
Code Blocks 20.03 Denial Of Service
Exploit Title: Code Blocks 20.03 - Denial Of Service PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/20.03/Windows/codeblocks-20.03-setup.exe/download Exploit Author: Paras Bhatia Discovery Date: 2020-06-23...
Code Blocks 20.03 - Denial Of Service (PoC)
Exploit Title: Code Blocks 20.03 - Denial Of Service PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/20.03/Windows/codeblocks-20.03-setup.exe/download Exploit Author: Paras Bhatia Discovery Date: 2020-06-23...
Code Blocks 17.12 - Local Buffer Overflow
Code Blocks version 17.12 File Name SEH unicode local buffer overflow exploit. Exploit Title: Code Blocks 17.12 - 'File Name' Local Buffer Overflow Unicode SEH PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download:...