7 matches found
EUVD-2021-1664
Malware in sbrugna...
XSS in qiita-markdown
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
Design/Logic Flaw
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
CVE-2021-28833
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
CVE-2021-28796
Increments Qiita::Markdown before 0.33.0 allows XSS in transformers...
CVE-2021-28796
Increments Qiita::Markdown before 0.33.0 allows XSS in transformers...
CVE-2021-28796
CVE-2021-28796 affects Qiita::Markdown (Ruby) prior to 0.33.0, allowing XSS via transformers. The issue is documented across multiple connected sources (e.g., Red Hat CVEs, OSV/GHSA advisories) as a failure to sanitize or neutralize user-controlled input in the transformer path, leading to cross-...