25 matches found
CVE-2021-28833
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
CVE-2021-28796
Increments Qiita::Markdown before 0.33.0 allows XSS in transformers...
EUVD-2021-1689
Malware in sbrugna...
EUVD-2021-1664
Malware in sbrugna...
Cross-Site Scripting in Qiita-Markdown
Increments Qiita-Markdown before 0.33.0 allows XSS in transformers...
GHSA-F2C9-5JQW-3XH3 Cross-Site Scripting in Qiita-Markdown
Increments Qiita-Markdown before 0.33.0 allows XSS in transformers...
GHSA-9P29-94HP-8RVC qiita-markdown Cross-site Scripting vulnerability
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
qiita-markdown Cross-site Scripting vulnerability
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
Cross-Site Scripting in Qiita::Markdown
Increments Qiita::Markdown before 0.33.0 allows XSS in transformers...
XSS in qiita-markdown
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
Cross-site Scripting (XSS)
Overview qiita-markdown is a Qiita-specified markdown processor. Affected versions of this package are vulnerable to Cross-site Scripting XSS via a crafted gist link, a different vulnerability than CVE-2021-28796. Details Cross-site scripting or XSS is a code vulnerability that occurs when an...
CVE-2021-28833
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
CVE-2021-28833
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
Design/Logic Flaw
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
CVE-2021-28833
Qiita-Markdown (Ruby gem) up to versions before 0.34.0 is vulnerable to cross-site scripting via crafted gist links (CVE-2021-28833). Red Hat advisories and RubySec confirm this as a separate issue from CVE-2021-28796 and describe the same general class of XSS in the transformer/gist handling pat...
CVE-2021-28833
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796...
Getty104 Qiita::Markdown 跨站脚本漏洞
Getty104 qiita-markdown is Getty104 an open source application . Provides an editor function. A cross-site scripting vulnerability exists in versions prior to Qiita::Markdown 0.34.0, which stems from the program allowing XSS via a crafted gist link...
Cross-site Scripting (XSS)
Overview qiita-markdown is a Qiita-specified markdown processor. Affected versions of this package are vulnerable to Cross-site Scripting XSS. Increments Qiita::Markdown allows XSS in transformers. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” ...
Cross-site Scripting (XSS)
qiita-markdown is vulnerable to cross-site scripting XSS. The vulnerability exists through the value of port in url where it allows strings like javascript://docs.google.com:80/%0d%0aalertdocument.domain to be executed...
CVE-2021-28796
Increments Qiita::Markdown before 0.33.0 allows XSS in transformers...