181 matches found
CVE-2024-41481
Typora before 1.9.3 Markdown editor has a cross-site scripting XSS vulnerability via the Mermaid component...
CVE-2024-41482
Typora before 1.9.3 Markdown editor has a cross-site scripting XSS vulnerability via the MathJax component...
CVE-2024-41481
Typora before 1.9.3 Markdown editor has a cross-site scripting XSS vulnerability via the Mermaid component...
CVE-2024-41481
CVE-2024-41481 – Typora prior to 1.9.3 has an XSS vulnerability via the Mermaid component. The issue arises when Mermaid diagrams are rendered, potentially allowing injected scripts in Typora-rendered content. The vulnerability is described as requiring user interaction with a network-origin vect...
CVE-2024-41482
CVE-2024-41482 affects Typora before 1.9.3, with an XSS vulnerability in the MathJax component used by the Markdown editor. The issue is triggered via MathJax, allowing script execution under certain inputs. Public details consistently identify the affected software and vulnerability class but do...
CVE-2024-41481
Typora before 1.9.3 Markdown editor has a cross-site scripting XSS vulnerability via the Mermaid component...
Cross-site Scripting (XSS)
Overview UmbracoCms.Core is an ASP.NET CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the Markdown Editor Preview Pane. An attacker can inject malicious content into a website or application by exploiting this vulnerability. Details Cross-site scripting or XS...
Cross-site Scripting (XSS)
Overview UmbracoCms.Web is an ASP.NET CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the Markdown Editor Preview Pane. An attacker can inject malicious content into a website or application by exploiting this vulnerability. Details Cross-site scripting or XSS...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the Markdown Editor Preview Pane. An attacker can inject malicious content into a website or application by exploiting this vulnerability. Details Cross-site scripting or XSS is a code vulnerability that occu...
Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane
Impact Stored Cross-site scripting XSS enable attackers that have access to backoffice to bring malicious content into a website or application. Affected versions Umbraco CMS = 8.00 Patches This is fixed in 8.18.13, 10.8.4, 12.3.7, 13.1.1 by implementing IHtmlSanitizer...
CVE-2024-35218 Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane
Umbraco CMS is an ASP.NET CMS used by more than 730.000 websites. Stored Cross-site scripting XSS enable attackers that have access to backoffice to bring malicious content into a website or application. This vulnerability has been patched in versions 8.18.13, 10.8.4, 12.3.7, 13.1.1 by implementi...
CVE-2024-35218 Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane
Umbraco CMS is an ASP.NET CMS used by more than 730.000 websites. Stored Cross-site scripting XSS enable attackers that have access to backoffice to bring malicious content into a website or application. This vulnerability has been patched in versions 8.18.13, 10.8.4, 12.3.7, 13.1.1 by implementi...
CVE-2024-33300
Typora v1.0.0 through v1.7 version below Markdown editor has a cross-site scripting XSS vulnerability, which allows attackers to execute arbitrary code by uploading Markdown files...
CVE-2024-33300
CVE-2024-33300 affects Typora (versions 1.0.0 through 1.7). The issue is a cross-site scripting (XSS) vulnerability that attackers can exploit by uploading Markdown files to execute arbitrary code. The connected Red Hat, NVD, CNNVD and other sources corroborate Typora as the affected software and...
CVE-2023-28873
An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown editor...
CVE-2023-28873
An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown editor...
CVE-2023-28873
An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown editor...
Cross site scripting
An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown editor...
Seafile Security Breach
HaiwenHuzhi Network Technology Seafile is an open source enterprise cloud disk from China HaiwenHuzhi Network Technology. The product has Markdown WYSIWYG editing, Wiki, file labeling and other features. A security vulnerability exists in Seafile version 9.0.6, which stems from the presence of...
CVE-2023-28873
An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown editor...