Redcarpet Security Vulnerabilities and Issues — Redcarpet CVE List

Lucene search

Redcarpet ProjectRedcarpet

1 matches found

CVE•added 2021/01/11 7:15 p.m.•98 views

CVE-2020-26298

Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the :escape_html optio...

6.8CVSS5.2AI score0.00281EPSS