CVE-2020-18336

CVE-2020-18336 is an XSS vulnerability in Typora v0.9.65, allowing a remote attacker to obtain sensitive information via the PDF export function. The NVD entry assigns CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N (base score 7.4). Connected documents consistently describe Typora 0.9.65 as vulne...

CVE-2020-18336

Cross Site Scripting XSS vulnerability found in Typora v.0.9.65 allows a remote attacker to obtain sensitive information via the PDF file exporting function...

CVE-2020-18748

Cross Site Scripting XSS in Typora v0.9.65 allows attackers to execute arbitrary code via mathjax syntax due to a mathjax configuration error in the mathematical formula blocks. This is a different vulnerability from CVE-2020-18221...

Cross site scripting

Cross Site Scripting XSS in Typora v0.9.65 allows attackers to execute arbitrary code via mathjax syntax due to a mathjax configuration error in the mathematical formula blocks. This is a different vulnerability from CVE-2020-18221...

CVE-2020-18748

CVE-2020-18748 affects Typora (v0.9.65 and potentially earlier per context) with a Cross-Site Scripting (XSS) vulnerability caused by a mathjax configuration error in mathematical formula blocks, enabling arbitrary code execution via crafted MathJax syntax. Connected sources corroborate Typora-sp...

CVE-2020-18748

Cross Site Scripting XSS in Typora v0.9.65 allows attackers to execute arbitrary code via mathjax syntax due to a mathjax configuration error in the mathematical formula blocks. This is a different vulnerability from CVE-2020-18221...

CVE-2020-18221

Cross Site Scripting XSS in Typora v0.9.65 and earlier allows remote attackers to execute arbitrary code by injecting commands during block rendering of a mathematical formula...

Cross site scripting

Cross Site Scripting XSS in Typora v0.9.65 and earlier allows remote attackers to execute arbitrary code by injecting commands during block rendering of a mathematical formula...