3 matches found
CVE-2018-1000874
PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting XSS vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information. This attack can be exploited by crafting a...
CVE-2018-1000874
PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting XSS vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information. This attack can be exploited by crafting a...
CVE-2018-1000874
The CVE-2018-1000874 entry concerns the cebe/markdown parser (versions 1.2.0 and earlier) with a Cross-Site Scripting (XSS) vulnerability caused by the parser’s handling of a three-backtick payload that can precede a script tag (for example, ). This could allow execution of malicious code in vuln...