100 matches found
CVE-2018-19056
pandao Editor.md 1.5.0 has DOM XSS via input starting with a "" substring, which is mishandled during construction of an A element...
CVE-2018-19056
pandao Editor.md 1.5.0 has DOM XSS via input starting with a "" substring, which is mishandled during construction of an A element...
CVE-2018-19056
The CVE-2018-19056 entry concerns pandao Editor.md 1.5.0, with a DOM XSS flaw triggered by input starting with a <
CVE-2018-18919
The WP Editor.md plugin 10.0.1 for WordPress allows XSS via the comment area...
CVE-2018-18919
The CVE-2018-18919 entry concerns the WP Editor.md plugin for WordPress (version 10.0.1) and describes an XSS vulnerability in the comment area. The connected documents consistently identify this same issue across multiple sources. The available details specify the affected component (WP Editor.m...
GHSA-VJCJ-5G2R-VXQC Pandao editor.md vulnerable to XSS in IMG attributes
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
Pandao editor.md vulnerable to XSS in IMG attributes
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
Pandao Editor.md Cross-Site Scripting Vulnerability
Pandao Editor.md is an open source online Markdown a markup language editor components. A cross-site scripting vulnerability exists in Pandao Editor.md version 1.5.0, which can be exploited by remote attackers to gain administrator privileges with a specially crafted invalid IMG element attribute...
Cross-site Scripting (XSS)
editor.md is vulnerable to cross-site scripting XSS attacks. The library does not properly sanitize the user input before rendering the markdown, allowing a malicious user can inject and execute arbitrary Javascript through the editor...
Cross site scripting
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
CVE-2018-16330
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
CVE-2018-16330
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
CVE-2018-16330
CVE-2018-16330 affects Pandao Editor.md 1.5.0 and is an XSS vulnerability triggered by crafted attributes of an invalid IMG element. Multiple sources (NVD entry and related advisories) corroborate that enables cross-site scripting in this version. CVSS data indicate base scores: CVSS v2 base 4.3 ...
CVE-2018-16330
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...
CVE-2017-9336
The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post...
Cross site scripting
The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post...
CVE-2017-9336
The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post...
CVE-2017-9336
The CVE-2017-9336 entry concerns the WP Editor.MD WordPress plugin (version 1.6). The connected records confirm a stored cross-site scripting (XSS) vulnerability in the content of a post, arising from how the plugin handles input in WordPress. Impact is limited to the integrity/confidentiality co...
CVE-2017-9336
The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post...
Wordpress plugin Editor.MD cross-site scripting vulnerability
WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language, the platform supports in PHP and MySQL servers set up a personal blog site.WP Editor.MD is an online Markdown document editor plugin. A cross-site scripting vulnerability exists in the...