Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/10 8:59 a.m.12 views

CVE-2026-11621

A weakness has been identified in Dcat-Admin up to 2.2.3-beta. This impacts the function editorMDUpload of the file /admin/dcat-api/editor-md/upload of the component User Setting Page. This manipulation of the argument editormd-image-file causes unrestricted upload. The attack can be initiated...

5.8CVSS5.1AI score0.00218EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 3:16 a.m.16 views

CVE-2026-11621

A weakness has been identified in Dcat-Admin up to 2.2.3-beta. This impacts the function editorMDUpload of the file /admin/dcat-api/editor-md/upload of the component User Setting Page. This manipulation of the argument editormd-image-file causes unrestricted upload. The attack can be initiated...

5.8CVSS0.00218EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/09 3:0 a.m.27 views

CVE-2026-11621

A weakness has been identified in Dcat-Admin up to 2.2.3-beta. This impacts the function editorMDUpload of the file /admin/dcat-api/editor-md/upload of the component User Setting Page. This manipulation of the argument editormd-image-file causes unrestricted upload. The attack can be initiated...

5.8CVSS5.1AI score0.00218EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/09 3:0 a.m.41 views

CVE-2026-11621 Dcat-Admin User Setting upload editorMDUpload unrestricted upload

A weakness has been identified in Dcat-Admin up to 2.2.3-beta. This impacts the function editorMDUpload of the file /admin/dcat-api/editor-md/upload of the component User Setting Page. This manipulation of the argument editormd-image-file causes unrestricted upload. The attack can be initiated...

5.8CVSS0.00218EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

dcat-admin 访问控制错误漏洞

dcat-admin is a backend system building tool based on Laravel, developed by Jiang Qinghua. Versions of Dcat-Admin 2.2.3-beta and earlier contain an access control vulnerability. This vulnerability stems from the editorMDUpload function in /admin/dcat-api/editor-md/upload, which allows unlimited...

5.8CVSS5AI score0.00218EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/09 12:0 a.m.5 views

WordPress plugin WP Editor.md – The Perfect WordPress Markdown Editor 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin WP Editor.md - A cross-site scripting...

5.9CVSS6.2AI score0.00358EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/01 12:0 a.m.4 views

PT-2023-22350 · Pandao · Editor.Md

Name of the Vulnerable Software and Affected Versions: pandao editor.md versions 1.5.0 and earlier Description: The issue allows attackers to inject arbitrary web script or HTML via crafted markdown text, which can lead to Cross Site Scripting XSS attacks. This enables attackers to execute...

6.1CVSS6.1AI score0.00429EPSS
Exploits1References9
CNNVD
CNNVD
added 2023/05/01 12:0 a.m.5 views

editor.md 跨站脚本漏洞

Editor.md is an open source embedded online Markdown a markup language editor. A security vulnerability exists in pandao editor.md version 1.5.0 and earlier, which stems from a cross-site scripting XSS vulnerability that allows attackers to inject arbitrary Web script or HTML...

6.1CVSS6AI score0.00429EPSS
Exploits1References2
OSV
OSV
added 2019/08/23 12:5 a.m.8 views

GHSA-X65C-4FGJ-5FC3 Cross-site Scripting in pandao

pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element...

6.1CVSS6.3AI score0.00788EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2019/03/14 3:38 p.m.6 views

@bndynet/bbootstrap (>=1.0.2 <=2.2.1), @bndynet/jslib (>=1.0.52 <=2.0.0) +8 more potentially affected by CVE-2019-9737 via editor.md (=1.5.0)

editor.md NPM version =1.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on editor.md and may be impacted: - @bndynet/bbootstrap =1.0.2, =1.0.52, =2.3.6, =1.0.0, =0.2.0, =0.1.1, =0.1.0, =1.0.0, =1.0.3 Source cves: CVE-2019-9737 Source advisory:...

6.1CVSS6.3AI score0.00857EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2018/11/09 5:41 p.m.3 views

@bndynet/bbootstrap (>=1.0.2 <=2.2.1), @bndynet/jslib (>=1.0.52 <=2.0.0) +8 more potentially affected by CVE-2018-19056 via editor.md (=1.5.0)

editor.md NPM version =1.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on editor.md and may be impacted: - @bndynet/bbootstrap =1.0.2, =1.0.52, =2.3.6, =1.0.0, =0.2.0, =0.1.1, =0.1.0, =1.0.0, =1.0.3 Source cves: CVE-2018-19056 Source advisory:...

6.1CVSS6.3AI score0.00788EPSS
Exploits1
Rows per page
Query Builder