4 matches found
CVE-2026-59923
A flaw was found in Mistune, a Python Markdown parser. This vulnerability allows an attacker to bypass URL protections by using specially crafted Markdown links or images containing percent-encoded javascript URIs. This can lead to the execution of arbitrary scripts in the rendered HTML,...
CVE-2026-59923
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, HTMLRenderer.safeurl does not block percent-encoded javascript URIs, allowing attacker-supplied Markdown links or images to bypass URL protections and execute script in rendered HTML. This issue is fixed in version...
Stored-XSS-in-node-html-markdown-2.0.0
Stored XSS in node-html-markdown ≤ 2.0.0 Overview This re...
CVE-2024-1730
The Prime Slider – Addons For Elementor Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, Product Slider, Ecommerce Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via urls in link fields, images from URLs, and html tags used in widgets in...