CVE-2024-0647

A vulnerability, which was classified as problematic, was found in Sparksuite SimpleMDE up to 1.11.2. This affects an unknown part of the component iFrame Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

Cross site scripting

A vulnerability, which was classified as problematic, was found in Sparksuite SimpleMDE up to 1.11.2. This affects an unknown part of the component iFrame Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2024-0647 Sparksuite SimpleMDE iFrame cross site scripting

A vulnerability, which was classified as problematic, was found in Sparksuite SimpleMDE up to 1.11.2. This affects an unknown part of the component iFrame Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2024-0647 Sparksuite SimpleMDE iFrame cross site scripting

A vulnerability, which was classified as problematic, was found in Sparksuite SimpleMDE up to 1.11.2. This affects an unknown part of the component iFrame Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

SimpleMDE Cross-Site Scripting Vulnerability

SimpleMDE is a simple, beautiful and embeddable JavaScript Markdown editor. A cross-site scripting vulnerability exists in Sparksuite SimpleMDE 1.11.2 and earlier versions, which stems from a cross-site scripting XSS vulnerability in the component iFrame Handler...

Information Disclosure

Firefox, Firefox ESR and Thunderbird are vulnerable to information disclosure. A remote unauthenticated attacker could exploit the vulnerable IFRAME Handler component to bypass same-origin policy protections on pages with embedded iframes during page reloads and access content on the top level pa...