Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Codimd Security Vulnerabilities

cve
cve

CVE-2019-15499

CodiMD 1.3.1, when Safari is used, allows XSS via an IFRAME element with allow-top-navigation in the sandbox attribute, in conjunction with a data: URL.

6.1CVSS

5.9AI Score

0.001EPSS

2019-08-23 04:15 AM
27
cve
cve

CVE-2024-38353

CodiMD allows realtime collaborative markdown notes on all platforms. CodiMD before 2.5.4 is missing authentication and access control vulnerability allowing an unauthenticated attacker to gain unauthorised access to image data uploaded to CodiMD. CodiMD does not require valid authentication to acc...

5.3CVSS

5.6AI Score

0.0004EPSS

2024-07-10 08:15 PM
24
cve
cve

CVE-2024-38354

CodiMD allows realtime collaborative markdown notes on all platforms. The notebook feature of Hackmd.io permits the rendering of iframe HTML tags with an improperly sanitized name attribute. This vulnerability enables attackers to perform cross-site scripting (XSS) attacks via DOM clobbering. This ...

8.1CVSS

7.4AI Score

0.0005EPSS

2024-07-10 08:15 PM
26