Lucene search
K

4 matches found

OSV
OSV
added 2020/01/06 8:15 p.m.9 views

CVE-2014-3743

Multiple cross-site scripting XSS vulnerabilities in the Marked module before 0.3.1 for Node.js allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 gfm codeblocks language or 2 javascript url's...

6.1CVSS6AI score0.01715EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2020/01/06 8:15 p.m.23 views

CVE-2014-3743

Multiple cross-site scripting XSS vulnerabilities in the Marked module before 0.3.1 for Node.js allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 gfm codeblocks language or 2 javascript url's. sanitize: true Even if this option is set, marked is vulnerable to...

6.1CVSS6.4AI score0.01715EPSS
Exploits0References4
Prion
Prion
added 2020/01/06 8:15 p.m.14 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-3743. Reason: This candidate is a duplicate of CVE-2014-3743. Notes: All CVE users should reference CVE-2014-3743 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

6.3AI score0.01715EPSS
Exploits0
CVE
CVE
added 2020/01/06 7:41 p.m.101 views

CVE-2014-3743

CVE-2014-3743 affects the Node.js Marked module (before 0.3.1). The vulnerability is due to cross-site scripting in two vectors: gfm codeblocks (language) and javascript: URLs, allowing remote attackers to inject arbitrary script/HTML. The OSV and NVD records corroborate XSS in Marked prior to 0....

6.1CVSS5.9AI score0.01715EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder