Lucene search
+L

21 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-11422

Malware in sbrugna...

6.8CVSS5.5AI score0.00519EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.13 views

EUVD-2024-3621

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00307EPSS
Exploits0References7
redhatcve
redhatcve
added 2025/05/23 6:37 a.m.6 views

CVE-2024-56510

@marp-team/marp-core is the core for Marp, which is the ecosystem to write your presentation with plain Markdown. Marp Core from v3.0.2 to v3.9.0 and v4.0.0, are vulnerable to cross-site scripting XSS due to improper neutralization of HTML sanitization. Marp Core v3.9.1 and v4.0.1 have been patch...

5.3CVSS5.3AI score0.00307EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2025/01/19 12:0 a.m.9 views

The vulnerability of the Markdown Marp Core presentation creation tool is related to insufficient protection of website structures, allowing attackers to perform cross-site scripting attacks.

The vulnerability of the Markdown-based presentation creation tool Marp Core is related to insufficient protection of the web page structure when processing HTML content. Exploiting this vulnerability could allow attackers to perform cross-site scripting attacks...

5.3CVSS5.2AI score0.00307EPSS
Exploits0References6Affected Software1
nvd
nvd
added 2024/12/26 9:15 p.m.13 views

CVE-2024-56510

@marp-team/marp-core is the core for Marp, which is the ecosystem to write your presentation with plain Markdown. Marp Core from v3.0.2 to v3.9.0 and v4.0.0, are vulnerable to cross-site scripting XSS due to improper neutralization of HTML sanitization. Marp Core v3.9.1 and v4.0.1 have been patch...

5.3CVSS0.00307EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2024/12/26 8:56 p.m.12 views

CVE-2024-56510 Marp Core allows XSS by improper neutralization of HTML sanitization

@marp-team/marp-core is the core for Marp, which is the ecosystem to write your presentation with plain Markdown. Marp Core from v3.0.2 to v3.9.0 and v4.0.0, are vulnerable to cross-site scripting XSS due to improper neutralization of HTML sanitization. Marp Core v3.9.1 and v4.0.1 have been patch...

5.3CVSS6AI score0.00307EPSS
Exploits0References5
cve
cve
added 2024/12/26 8:56 p.m.67 views

CVE-2024-56510

Marp Core vulnerability CVE-2024-56510 affects Marp Core versions from v3.0.2 to v3.9.0 and v4.0.0, where improper neutralization of HTML sanitization leads to Cross-Site Scripting (XSS). The issue is addressed in Marp Core v3.9.1 and v4.0.1. If immediate upgrading is not feasible, a workaround i...

5.3CVSS5.4AI score0.00307EPSS
Exploits0References5
osv
osv
added 2024/12/26 8:56 p.m.7 views

CVE-2024-56510 Marp Core allows XSS by improper neutralization of HTML sanitization

@marp-team/marp-core is the core for Marp, which is the ecosystem to write your presentation with plain Markdown. Marp Core from v3.0.2 to v3.9.0 and v4.0.0, are vulnerable to cross-site scripting XSS due to improper neutralization of HTML sanitization. Marp Core v3.9.1 and v4.0.1 have been patch...

5.3CVSS5.9AI score0.00307EPSS
Exploits0References7
cvelist
cvelist
added 2024/12/26 8:56 p.m.17 views

CVE-2024-56510 Marp Core allows XSS by improper neutralization of HTML sanitization

@marp-team/marp-core is the core for Marp, which is the ecosystem to write your presentation with plain Markdown. Marp Core from v3.0.2 to v3.9.0 and v4.0.0, are vulnerable to cross-site scripting XSS due to improper neutralization of HTML sanitization. Marp Core v3.9.1 and v4.0.1 have been patch...

5.3CVSS0.00307EPSS
Exploits0References5
github
github
added 2024/12/26 6:25 p.m.13 views

Marp Core allows XSS by improper neutralization of HTML sanitization

Marp Core @marp-team/marp-core from v3.0.2 to v3.9.0 and v4.0.0, are vulnerable to cross-site scripting XSS due to improper neutralization of HTML sanitization. Impact Marp Core includes an HTML sanitizer with allowlist support. In the affected versions, the built-in allowlist is enabled by...

5.3CVSS6.1AI score0.00307EPSS
Exploits0References7Affected Software1
osv
osv
added 2024/12/26 6:25 p.m.17 views

GHSA-X52F-H5G4-8QV5 Marp Core allows XSS by improper neutralization of HTML sanitization

Marp Core @marp-team/marp-core from v3.0.2 to v3.9.0 and v4.0.0, are vulnerable to cross-site scripting XSS due to improper neutralization of HTML sanitization. Impact Marp Core includes an HTML sanitizer with allowlist support. In the affected versions, the built-in allowlist is enabled by...

5.3CVSS5.3AI score0.00307EPSS
Exploits0References7
cnnvd
cnnvd
added 2024/12/26 12:0 a.m.5 views

marp-core 跨站脚本漏洞

marp-core is a Marp open source core for a Marp converter. A cross-site scripting vulnerability exists in marp-core versions v3.0.2 through v3.9.0 and v4.0.0, which stems from improper neutralization of HTML cleanup and is vulnerable to cross-site scripting attacks...

5.3CVSS5.8AI score0.00307EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2022/01/23 12:0 a.m.4 views

PT-2022-7696 · Npm · @Marp-Team/Marp-Core

Name of the Vulnerable Software and Affected Versions: @marp-team/marp-core versions 3.0.2 through 3.9.0 @marp-team/marp-core version 4.0.0 Description: The issue is related to cross-site scripting XSS due to improper neutralization of HTML sanitization. This can allow an attacker to conduct...

5.3CVSS5.7AI score0.00307EPSS
Exploits0References14
jvn
jvn
added 2017/09/29 4:54 a.m.5 views

Marp vulnerable to improper access control in JavaScript execution

Overview Marp is a tool to create a presentation PDF with Markdown. Marp executes JavaScript inside the Markdown contents. Marp allows JavaScript to access local resources and files CWE-284. Keitaro Yamazaki of Kyoto University reported this vulnerability to IPA. JPCERT/CC coordinated with the...

6.8CVSS6.3AI score0.00519EPSS
Exploits0References5
cnvd
cnvd
added 2017/07/10 12:0 a.m.4 views

Marp Incorrect Access Control Vulnerability

Marp is a cross-platform slide writer developed in CoffeeScript. A security vulnerability exists in Marp 0.0.1 and earlier versions. An attacker can exploit the vulnerability to obtain sensitive information...

6.8CVSS6.7AI score0.00519EPSS
Exploits0References1
nvd
nvd
added 2017/07/07 1:29 p.m.16 views

CVE-2017-2239

Marp versions v0.0.10 and earlier may allow an attacker to access local resources and files using JavaScript...

6.8CVSS5.2AI score0.00519EPSS
Exploits0References1
osv
osv
added 2017/07/07 1:29 p.m.4 views

CVE-2017-2239

Marp versions v0.0.10 and earlier may allow an attacker to access local resources and files using JavaScript...

5.3CVSS5.8AI score0.00519EPSS
Exploits0References1
prion
prion
added 2017/07/07 1:29 p.m.13 views

Code injection

Marp versions v0.0.10 and earlier may allow an attacker to access local resources and files using JavaScript...

6.8CVSS5.1AI score0.00519EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2017/07/07 1:0 p.m.22 views

CVE-2017-2239

Marp versions v0.0.10 and earlier may allow an attacker to access local resources and files using JavaScript...

5.2AI score0.00519EPSS
Exploits0References1
cve
cve
added 2017/07/07 1:0 p.m.51 views

CVE-2017-2239

CVE-2017-2239 affects Marp v0.0.10 and earlier, where JavaScript in Markdown contents can access local resources/files due to improper access control. The JVN entry confirms impact: local files may be read and leaked. Remediation is to update to Marp v0.0.11, which restricts JavaScript from acces...

6.8CVSS5.1AI score0.00519EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder