Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown...
7.8CVSS
7.5AI Score
0.001EPSS
An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary commands via uploading a crafted markdown...
6.1CVSS
6.6AI Score
0.001EPSS
A cross-site scripting (XSS) vulnerability in Markdown-Nice v1.8.22 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Community Posting...
5.4CVSS
5.2AI Score
0.001EPSS
Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into...
7.8CVSS
7.9AI Score
0.001EPSS