Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:51 a.m.8 views

CVE-2023-2318

DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and paste it into...

9.6CVSS6.2AI score0.00485EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/08/19 5:43 a.m.9 views

CVE-2023-2318 MarkText DOM-Based Cross-site Scripting leading to Remote Code Execution

DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and paste it into...

8.6CVSS6.2AI score0.00485EPSS
Exploits1References2
CVE
CVE
added 2023/08/19 5:43 a.m.70 views

CVE-2023-2318

CVE-2023-2318 concerns MarkText up to version 0.17.1 where a DOM‑based XSS flaw in src/muya/lib/contentState/pasteCtrl.js can allow arbitrary JavaScript to run in the MarkText main window when pasting HTML copied from a malicious page. The vulnerability arises during HTML-to-Markdown conversion: ...

9.6CVSS8.5AI score0.00485EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/08/19 5:43 a.m.8 views

CVE-2023-2318 MarkText DOM-Based Cross-site Scripting leading to Remote Code Execution

DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and paste it into...

8.6CVSS7.3AI score0.00485EPSS
Exploits1References5
Rows per page
Query Builder