2 matches found
CVE-2017-5553
Cross-site scripting XSS vulnerability in plugins/markdownplugin/markdown.plugin.php in b2evolution before 6.8.5 allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL...
CVE-2017-5553
CVE-2017-5553 describes a Cross-Site Scripting (XSS) vulnerability in b2evolution’s Markdown plugin: plugins/markdown_plugin/_markdown.plugin.php, affecting versions before 6.8.5. The root cause is improper validation/execution of user-supplied input, enabling remote authenticated users to inject...