4 matches found
CVE-2021-47842
StudyMD 0.3.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. Attackers can upload crafted markdown files with embedded JavaScript payloads that execute when the file is opened, potentially enabling remote code...
CVE-2021-47842
StudyMD 0.3.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. Attackers can upload crafted markdown files with embedded JavaScript payloads that execute when the file is opened, potentially enabling remote code...
PT-2026-3292
Markdownify 1.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files. Attackers can upload crafted markdown files with embedded scripts that execute when the file is opened, potentially enabling remote code execution...
Inkdrop 跨站脚本漏洞
Inkdrop is a note-taking application with a powerful Markdown editor by the Japanese individual developer Takuya. A security vulnerability exists in Inkdrop version v5.4.1. An attacker can exploit this vulnerability to execute arbitrary commands by uploading specially crafted markdown files...