
18 matches found

RedhatCVE · added last week · 6 views

CVE-2026-48149

Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parsemarkdown straight to innerHTML with no sanitizer packages/bbui/src/Markdown/MarkdownViewer.svelte:22. Any column a builder binds to a Text component in Markdown mod...

8.1 CVSS · 5.8 AI score · 0.00036 EPSS
Exploits 0 · References 1
Vulnrichment · added 2026/04/21 10:59 p.m. · 2 views

CVE-2026-41063 WWBN AVideo has incomplete fix for CVE-2026-33500 (XSS)

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete XSS fix in AVideo's ParsedownSafeWithLinks class overrides inlineMarkup for raw HTML but does not override inlineLink or inlineUrlTag, allowing javascript: URLs in markdown link syntax to bypass sanitization...

5.4 CVSS · 5.7 AI score · 0.00043 EPSS
Exploits 1 · References 4
Positive Technologies · added 2026/04/14 12:00 a.m. · 1 views

PT-2026-32585

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting XSS vulnerability where the frontend's MdRenderer.vue component parses custom tags from LLM responses or Application Prologue configurations, bypassing standard Markdown sanitizatio...

5.1 CVSS · 5.8 AI score · 0.00012 EPSS
Exploits 0 · References 3
NVD · added 2026/04/10 5:17 p.m. · 2 views

CVE-2026-35600

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, task titles are embedded directly into Markdown link syntax in overdue email notifications without escaping Markdown special characters. When rendered by goldmark and sanitized by bluemonday which allows and tags,...

5.4 CVSS · 0.00034 EPSS
Exploits 1 · References 4
Cvelist · added 2026/03/23 4:24 p.m. · 18 views

CVE-2026-33500 AVideo Vulnerable to Stored XSS via Markdown `javascript:` URI Bypasses ParsedownSafeWithLinks Sanitization

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the fix for CVE-2026-27568 GHSA-rcqw-6466-3mv7 introduced a custom ParsedownSafeWithLinks class that sanitizes raw HTML and tags in comments, but explicitly disables Parsedown's safeMode. This creates a bypass:...

5.4 CVSS · 0.00016 EPSS
Exploits 1 · References 2
Veracode · added 2026/03/09 7:33 a.m. · 3 views

Stored Cross-Site Scripting (XSS)

Open WebUI is vulnerable to Stored Cross-Site Scripting XSS. The vulnerability is due to improper sanitization of Markdown content in the Notes PDF export functionality, allowing attackers to embed malicious SVG tags that execute arbitrary JavaScript when the note is downloaded as a PDF,...

8.7 CVSS · 6 AI score · 0.00028 EPSS
Exploits 1 · References 2 · Affected Software 2
Vulnrichment · added 2025/08/13 12:00 a.m. · 2 views

CVE-2025-51691

Cross-Site Scripting XSS vulnerability found in MarkTwo commit e3a1d3f90cce4ea9c26efcbbf3a1cbfb9dcdb298 May 2025 allows a remote attacker to execute arbitrary code via a crafted script input to the editor interface. The application does not properly sanitize user-supplied Markdown before renderin...

6.6 AI score · 0.00079 EPSS
Exploits 0 · References 3
Veracode · added 2025/07/22 5:51 a.m. · 2 views

Cross-site Scripting (XSS)

@nuxtjs/mdc is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper sanitization of Markdown content caused by allowing injection of a tag, which can alter relative URL resolution and enable loading of external attacker-controlled resources, leading to arbitrary JavaScript...

8.3 CVSS · 7 AI score · 0.00333 EPSS
Exploits 0 · References 3 · Affected Software 1
RedhatCVE · added 2025/05/22 7:37 a.m. · 6 views

CVE-2019-13982

interfaces/markdown/input.vue in Directus 7 Application before 7.7.0 does not sanitize Markdown text before rendering a preview...

5.3 CVSS · 6.9 AI score · 0.00232 EPSS
Exploits 0 · References 1
RedhatCVE · added 2025/05/22 5:53 a.m. · 4 views

CVE-2019-15739

An issue was discovered in GitLab Community and Enterprise Edition 8.1 through 12.2.1. Certain areas displaying Markdown were not properly sanitizing some XSS payloads...

6.1 CVSS · 6 AI score · 0.00159 EPSS
Exploits 0 · References 1
Cvelist · added 2025/04/17 10:50 p.m. · 10 views

CVE-2025-3246 Markdown math block sanitization bypass allows privilege escalation and unauthorized workflow triggers

An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting in GitHub Markdown that used $$..$$ math blocks. Exploitation required access to the target GitHub Enterprise Server instance and privileged user interaction with the...

8.6 CVSS · 0.00377 EPSS
Exploits 0 · References 1
RedhatCVE · added 2025/02/14 12:24 a.m. · 3 views

CVE-2024-54160

dashboards-reporting aka Dashboards Reports before 2.19.0.0, as shipped in OpenSearch before 2.19, allows XSS because Markdown is not sanitized when previewing a header or footer...

6.4 CVSS · 6 AI score · 0.04666 EPSS
Exploits 2 · References 1
OSV · added 2025/02/12 3:15 p.m. · 2 views

CVE-2024-54160

dashboards-reporting aka Dashboards Reports before 2.19.0.0, as shipped in OpenSearch before 2.19, allows XSS because Markdown is not sanitized when previewing a header or footer...

6.4 CVSS · 6 AI score · 0.04666 EPSS
Exploits 2 · References 5
CVE · added 2025/02/12 12:00 a.m. · 49 views

CVE-2024-54160

CVE-2024-54160 affects OpenSearch Dashboards Reports (dashboards-reporting) prior to version 2.19.0.0 (shipped in OpenSearch

6.4 CVSS · 6.2 AI score · 0.04666 EPSS
Exploits 2 · References 5
Cvelist · added 2025/02/12 12:00 a.m. · 8 views

CVE-2024-54160

dashboards-reporting aka Dashboards Reports before 2.19.0.0, as shipped in OpenSearch before 2.19, allows XSS because Markdown is not sanitized when previewing a header or footer...

6.4 CVSS · 0.04666 EPSS
Exploits 2 · References 5
Positive Technologies · added 2021/07/07 12:00 a.m. · 1 views

PT-2021-6534 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 13.11 and up Description: The issue is related to insufficient input sanitization in markdown, allowing an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown. This can be exploited...

5.4 CVSS · 4.8 AI score · 0.00135 EPSS
Exploits 0 · References 13
OSV · added 2019/09/16 6:15 p.m. · 1 views

UBUNTU-CVE-2019-15739

An issue was discovered in GitLab Community and Enterprise Edition 8.1 through 12.2.1. Certain areas displaying Markdown were not properly sanitizing some XSS payloads...

6.1 CVSS · 6.4 AI score · 0.00159 EPSS
Exploits 0 · References 3
FreeBSD · added 2017/10/17 12:00 a.m. · 25 views

GitLab -- multiple vulnerabilities

GitLab reports: Cross-Site Scripting XSS vulnerability in the Markdown sanitization filter Yasin Soliman via HackerOne reported a Cross-Site Scripting XSS vulnerability in the GitLab markdown sanitization filter. The sanitization filter was not properly stripping invalid characters from URL schem...

5.5 AI score
Exploits 0 · References 1