3 matches found
CVE-2020-11888
CVE-2020-11888 affects python-markdown2 up to version 2.3.8, where XSS is possible due to mishandling of element names (e.g., elementname@ or elementname- with an onclick attribute). The provided connected documents indicate that later updates (e.g., 2.3.9) include XSS fixes, and openSUSE/Fedora ...
CVE-2009-3724
CVE-2009-3724 affects the Python package markdown2 prior to version 1.0.1.14, with multiple cross-site scripting (XSS) issues reported across multiple sources. The vulnerability stems from insufficient input validation/escaping in the affected library, enabling attacker-controlled input to be ref...
CVE-2018-5773
The CVE-2018-5773 vulnerability affects python-markdown2 (markdown2) up to version 2.3.5, where safe_mode fails to properly escape input, enabling XSS with crafted payloads (e.g., missing final '>' in an IMG tag). Public fixes are documented in Fedora advisories for 2.3.7 (and related openSUSE...