3 matches found
EUVD-2022-7414
Malicious code in bioql PyPI...
PT-2024-24204 · Typora · Typora
Name of the Vulnerable Software and Affected Versions: Typora versions 1.6.7 and earlier Description: A Cross Site Scripting XSS issue allows a local attacker to obtain sensitive information via a crafted script during markdown file creation. This occurs when a local attacker crafts a script that...
CVE-2022-40277
Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. This is possible because the application does not properly validate the schema/protocol of existing links in the markdown file before...