3 matches found
CVE-2021-20727
Cross-site scripting vulnerability in Zettlr from 0.20.0 to 1.8.8 allows an attacker to execute an arbitrary script by loading a file or code snippet containing an invalid iframe into Zettlr...
CVE-2021-20727
Cross-site scripting vulnerability in Zettlr from 0.20.0 to 1.8.8 allows an attacker to execute an arbitrary script by loading a file or code snippet containing an invalid iframe into Zettlr...
CVE-2021-20727
CVE-2021-20727 (Zettlr) is a cross-site scripting vulnerability in Zettlr versions from 0.20.0 through 1.8.8. The root cause is the ability to execute arbitrary script when a file or code snippet containing an invalid iframe is loaded into Zettlr, enabling the execution of injected HTML/script in...