4 matches found
CVE-2021-47840
Moeditor 0.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files. Attackers can upload specially crafted markdown files with embedded JavaScript that execute when opened, potentially enabling remote code execution on t...
CVE-2021-47837 Markdownify 1.2.0 - Persistent Cross-Site Scripting
Markdownify 1.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files. Attackers can upload crafted markdown files with embedded scripts that execute when the file is opened, potentially enabling remote code execution...
PT-2026-3297
StudyMD 0.3.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. Attackers can upload crafted markdown files with embedded JavaScript payloads that execute when the file is opened, potentially enabling remote code...
CVE-2024-33300
Typora v1.0.0 through v1.7 version below Markdown editor has a cross-site scripting XSS vulnerability, which allows attackers to execute arbitrary code by uploading Markdown files...