CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

64 matches found

OpenVAS•added 2020/05/12 12:0 a.m.•15 views

openSUSE: Security Advisory for python-markdown2 (openSUSE-SU-2020:0651-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.3AI score0.0065EPSS

Exploits1References2

OPENSUSE Linux•added 2020/05/12 12:0 a.m.•38 views

Security update for python-markdown2 (moderate)

openSUSE Security Update: Security update for python-markdown2 Announcement ID: openSUSE-SU-2020:0656-1 Rating: moderate References: 1171379 Cross-References: CVE-2020-11888 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This...

6.1CVSS6.1AI score0.0065EPSS

Exploits1References1

OSV•added 2020/05/11 12:19 p.m.•5 views

OPENSUSE-SU-2020:0651-1 Security update for python-markdown2

This update for python-markdown2 fixes the following issues: - CVE-2020-11888: Fixed unsanitized input for cross-site scripting boo1171379...

6.1CVSS6AI score0.0065EPSS

Exploits1References3

OPENSUSE Linux•added 2020/05/11 12:0 a.m.•45 views

Security update for python-markdown2 (moderate)

openSUSE Security Update: Security update for python-markdown2 Announcement ID: openSUSE-SU-2020:0651-1 Rating: moderate References: 1171379 Cross-References: CVE-2020-11888 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

6.1CVSS6.1AI score0.0065EPSS

Exploits1References1

Github Security Blog•added 2020/04/22 8:59 p.m.•54 views

XSS in python-markdown2

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS2.4AI score0.0065EPSS

Exploits1References9Affected Software1

OSV•added 2020/04/22 8:59 p.m.•1 views

GHSA-FV3H-8X5J-PVGQ XSS in python-markdown2

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS6.3AI score0.0065EPSS

Exploits1References9

CNVD•added 2020/04/21 12:0 a.m.•2 views

python-markdown2 cross-site scripting vulnerability (CNVD-2020-33575)

python-markdown2 is a Python-based implementation of the Markdown text markup format. A cross-site scripting vulnerability exists in python-markdown2 version 2.3.8 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can...

6.1CVSS6.4AI score0.0065EPSS

Exploits1References1

OSV•added 2020/04/20 4:15 p.m.•9 views

CVE-2020-11888

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS5.9AI score

Exploits0References6

OSV•added 2020/04/20 4:15 p.m.•0 views

PYSEC-2020-65

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS5.8AI score0.0065EPSS

Exploits1References7

Prion•added 2020/04/20 4:15 p.m.•8 views

Cross site scripting

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

4.3CVSS5.8AI score0.0065EPSS

Exploits1References6Affected Software1

PyPA•added 2020/04/20 4:15 p.m.•4 views

PYSEC-2020-65

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS6.3AI score0.0065EPSS

Exploits1References7Affected Software1

UbuntuCve•added 2020/04/20 4:15 p.m.•14 views

CVE-2020-11888

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS6.3AI score0.0065EPSS

Exploits1References2

Cvelist•added 2020/04/20 3:48 p.m.•11 views

CVE-2020-11888

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

5.9AI score0.0065EPSS

Exploits1References6

Debian CVE•added 2020/04/20 3:48 p.m.•18 views

CVE-2020-11888

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS6AI score0.0065EPSS

Exploits1

FreeBSD•added 2020/04/20 12:0 a.m.•15 views

py-markdown2 -- XSS vulnerability

TheGrandPew reports: python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS6.4AI score0.0065EPSS

Exploits1References2

CNVD•added 2020/02/03 12:0 a.m.•1 views

python-markdown2 cross-site scripting vulnerability

python-markdown is a library for python. A cross-site scripting vulnerability exists in python-markdown2 versions prior to 1.0.1.14. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-si...

6.1CVSS6.4AI score0.00328EPSS

Exploits1References1