Gin 安全漏洞

Gin is a small JavaScript Markdown editor built with Electron by the individual developer Marius Küng. A security vulnerability exists in Gin v0.7.4 that could allow a user to execute arbitrary code by opening a specially crafted file...

Yank Note v3.52.1 (Electron) - Arbitrary Code Execution

Exploit Title: Yank Note v3.52.1 Electron - Arbitrary Code Execution Date: 2023-04-27 Exploit Author: 8bitsec CVE: CVE-2023-31874 Vendor Homepage: yank-note.com Software Link: https://github.com/purocean/yn Version: 3.52.1 Tested on: Ubuntu 22.04 | Mac OS 13 Release Date: 2023-04-27 Product &...

Yank Note v3.52.1 (Electron) - Arbitrary Code Execution Vulnerability

Exploit Title: Yank Note v3.52.1 Electron - Arbitrary Code Execution Exploit Author: 8bitsec CVE: CVE-2023-31874 Vendor Homepage: yank-note.com Software Link: https://github.com/purocean/yn Version: 3.52.1 Tested on: Ubuntu 22.04 | Mac OS 13 Release Date: 2023-04-27 Product & Service Introduction...

Gin Markdown Editor v0.7.4 (Electron) - Arbitrary Code Execution Vulnerability

Exploit Title: Gin Markdown Editor v0.7.4 Electron - Arbitrary Code Execution Exploit Author: 8bitsec CVE: CVE-2023-31873 Vendor Homepage: https://github.com/mariuskueng/gin Software Link: https://github.com/mariuskueng/gin Version: 0.7.4 Tested on: Mac OS 13 Release Date: 2023-04-24 Product &...

Gin Markdown Editor v0.7.4 (Electron) - Arbitrary Code Execution

Exploit Title: Gin Markdown Editor v0.7.4 Electron - Arbitrary Code Execution Date: 2023-04-24 Exploit Author: 8bitsec CVE: CVE-2023-31873 Vendor Homepage: https://github.com/mariuskueng/gin Software Link: https://github.com/mariuskueng/gin Version: 0.7.4 Tested on: Mac OS 13 Release Date:...

Codigo Markdown Editor v1.0.1 (Electron) - Remote Code Execution Vulnerability

Exploit Title: Codigo Markdown Editor v1.0.1 Electron - Arbitrary Code Execution Exploit Author: 8bitsec Vendor Homepage: https://alfonzm.github.io/codigo/ Software Link: https://github.com/alfonzm/codigo-app Version: 1.0.1 Tested on: Mac OS 13 Release Date: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3...

Codigo Markdown Editor v1.0.1 (Electron) - Remote Code Execution

Exploit Title: Codigo Markdown Editor v1.0.1 Electron - Arbitrary Code Execution Date: 2023-05-03 Exploit Author: 8bitsec Vendor Homepage: https://alfonzm.github.io/codigo/ Software Link: https://github.com/alfonzm/codigo-app Version: 1.0.1 Tested on: Mac OS 13 Release Date:...

Cross-site Scripting (XSS)

xdgithub.com/phachon/mm-wiki is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the markdown editor because the user roles are not properly restricted which allows an attacker to inject and execute arbitrary javascript...

GHSA-F7RP-XX67-4PJ9 Phachon mm-wiki vulnerable to stored cross-site scripting (XSS)

Phachon mm-wiki v.0.1.2 vulnerable to stored cross-site scripting XSS. This could allow a remote attacker to execute arbitrary code via JavaScript code in the markdown editor. Any user browsing the document containing XSS malicious code will trigger the vulnerability...

CVE-2020-19277

Cross Site Scripting vulnerability found in Phachon mm-wiki v.0.1.2 allows a remote attacker to execute arbitrary code via javascript code in the markdown editor...

Cross site scripting

Cross Site Scripting vulnerability found in Phachon mm-wiki v.0.1.2 allows a remote attacker to execute arbitrary code via javascript code in the markdown editor...

CVE-2020-19277

Cross Site Scripting vulnerability found in Phachon mm-wiki v.0.1.2 allows a remote attacker to execute arbitrary code via javascript code in the markdown editor...

mm-wiki 跨站脚本漏洞

mm-wiki is a Chinese phachon individual developers of a lightweight enterprise knowledge sharing and team collaboration software. It can be used to quickly build enterprise Wiki and team knowledge sharing platform. A security vulnerability exists in Phachon mm-wiki version v.0.1.2. An attacker ca...

PT-2023-11517 · Phachon · Phachon Mm-Wiki

Name of the Vulnerable Software and Affected Versions: Phachon mm-wiki version 0.1.2 Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via JavaScript code in the markdown editor. This could allow a remote attacker to execute arbitrary code, and any user...

MarkText 代码注入漏洞

MarkText is a simple and elegant open source Markdown editor focused on speed and usability. A code injection vulnerability exists in MarkText version 0.17.1 and earlier versions. An attacker can exploit this vulnerability to inject arbitrary code...

Markdown Editor 代码注入漏洞

Markdown Editor is an Electron-based Markdown text editor. A code injection vulnerability exists in Markdown Editor. An attacker can exploit this vulnerability to inject arbitrary code...

CVE-2021-32855

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...

CVE-2021-32855

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...

Vditor 跨站脚本漏洞

Vditor is a browser-based Markdown editor by Vanessa219 Personal Developer. A security vulnerability exists in Vditor versions prior to 3.8.7, which stems from a cross-site scripting XSS vulnerability...

CVE-2021-32855 vditor vulnerable to Cross-site Scripting

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting XSS. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue...