30 matches found
EUVD-2020-19700
Malware in sbrugna...
EUVD-2021-16455
Malware in sbrugna...
EUVD-2022-29813
Malicious code in bioql PyPI...
CVE-2025-6492
A vulnerability has been found in MarkText up to 0.17.1 and classified as problematic. Affected by this vulnerability is the function getRecommendTitleFromMarkdownString of the file marktext/src/main/utils/index.js. The manipulation leads to inefficient regular expression complexity. The attack c...
CVE-2022-25069
Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting XSS vulnerability which allows attackers to perform remote code execution RCE via injecting a crafted payload into /lib/contentState/pasteCtrl.js...
CVE-2021-29996
Mark Text through 0.16.3 allows attackers arbitrary command execution. This could lead to Remote Code Execution RCE by opening .md files containing a mutation Cross Site Scripting XSS payload...
CVE-2020-27176
Mutation XSS exists in Mark Text through 0.16.2 that leads to Remote Code Execution. NOTE: this might be considered a duplicate of CVE-2020-26870; however, it can also be considered an issue in the design of the "source code mode" feature, which parses HTML even though HTML support is not one of...
CVE-2022-21158
A stored cross-site scripting vulnerability in marktext versions prior to v0.17.0 due to improper handling of the link with javascript: scheme inside the document may allow an attacker to execute an arbitrary script on the PC of the user using marktext...
Mark Text Cross-Site Scripting Vulnerability (CNVD-2022-21485)
Mark Text is a Markdown editor built on Electron for individual developers. v0.16.3 of Mark Text contains a security vulnerability that could be exploited to execute remote code by injecting a crafted payload into /lib/contentState/pasteCtrl.js...
CVE-2022-25069
Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting XSS vulnerability which allows attackers to perform remote code execution RCE via injecting a crafted payload into /lib/contentState/pasteCtrl.js...
CVE-2022-25069
Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting XSS vulnerability which allows attackers to perform remote code execution RCE via injecting a crafted payload into /lib/contentState/pasteCtrl.js...
CVE-2022-25069
Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting XSS vulnerability which allows attackers to perform remote code execution RCE via injecting a crafted payload into /lib/contentState/pasteCtrl.js...
Cross site scripting
Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting XSS vulnerability which allows attackers to perform remote code execution RCE via injecting a crafted payload into /lib/contentState/pasteCtrl.js...
CVE-2022-25069
Mark Text v0.16.3 contains a DOM-based XSS vulnerability in /lib/contentState/pasteCtrl.js that can lead to remote code execution (RCE). Root cause: DOM-based XSS in pasteCtrl.js allows crafted payloads to be executed. Impact: high/critical (CVSS3.1 base score 9.6) with network access and user in...
CVE-2022-25069
Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting XSS vulnerability which allows attackers to perform remote code execution RCE via injecting a crafted payload into /lib/contentState/pasteCtrl.js...
Mark Text 跨站脚本漏洞
Mark Text is a Markdown editor built on Electron for individual developers. v0.16.3 of Mark Text contains a security vulnerability that could be exploited to execute remote code by injecting a crafted payload into /lib/contentState/pasteCtrl.js...
Mark Text cross-site scripting vulnerability (CNVD-2021-27921)
Mark Text is a high-performance Markdown editor, built on Electron and running on Mac, Windows and Linux platforms, with a clean look and a focus on speed and usability. A cross-site scripting vulnerability exists in Mark Text in version 0.16.3 and earlier, which is related to the failure of the...
CVE-2021-29996
Mark Text through 0.16.3 allows attackers arbitrary command execution. This could lead to Remote Code Execution RCE by opening .md files containing a mutation Cross Site Scripting XSS payload...
CVE-2021-29996
Mark Text through 0.16.3 allows attackers arbitrary command execution. This could lead to Remote Code Execution RCE by opening .md files containing a mutation Cross Site Scripting XSS payload...
Cross site scripting
Mark Text through 0.16.3 allows attackers arbitrary command execution. This could lead to Remote Code Execution RCE by opening .md files containing a mutation Cross Site Scripting XSS payload...