3 matches found
CVE-2021-28833
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
CVE-2021-28833
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
CVE-2021-28833
Qiita-Markdown (Ruby gem) up to versions before 0.34.0 is vulnerable to cross-site scripting via crafted gist links (CVE-2021-28833). Red Hat advisories and RubySec confirm this as a separate issue from CVE-2021-28796 and describe the same general class of XSS in the transformer/gist handling pat...