Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 3:56 a.m.10 views

CVE-2021-39175

HedgeDoc is a platform to write and share markdown. In versions prior to 1.9.0, an unauthenticated attacker can inject arbitrary JavaScript into the speaker-notes of the slide-mode feature by embedding an iframe hosting the malicious code into the slides or by embedding the HedgeDoc instance into...

8.1CVSS7AI score0.00602EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2021/09/14 12:0 a.m.29 views

[ASA-202109-1] hedgedoc: cross-site scripting

Arch Linux Security Advisory ASA-202109-1 ========================================= Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-39175 Package : hedgedoc Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-2331 Summary ======= The package hedgedoc before versi...

8.1CVSS2.2AI score0.00602EPSS
Exploits0References6
Cvelist
Cvelist
added 2021/08/30 8:40 p.m.21 views

CVE-2021-39175 XSS vector in slide mode speaker-view

HedgeDoc is a platform to write and share markdown. In versions prior to 1.9.0, an unauthenticated attacker can inject arbitrary JavaScript into the speaker-notes of the slide-mode feature by embedding an iframe hosting the malicious code into the slides or by embedding the HedgeDoc instance into...

8.1CVSS8.2AI score0.00602EPSS
Exploits0References4
CVE
CVE
added 2021/08/30 8:40 p.m.58 views

CVE-2021-39175

HedgeDoc prior to version 1.9.0 is vulnerable to cross-site scripting in the slide-mode speaker-notes. An unauthenticated attacker can inject arbitrary JavaScript by embedding an iframe hosting malicious code into the slides or by embedding the HedgeDoc instance into another page. The issue is fi...

8.1CVSS6.7AI score0.00602EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder