CVSS3: 6.1 Medium

Attack Vector | Attack Complexity | Privileges Required | User Interaction | Scope | Confidentiality Impact | Integrity Impact | Availability Impact |
---|---|---|---|---|---|---|---|
NETWORK | LOW | NONE | REQUIRED | CHANGED | LOW | LOW | NONE |

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS2: 4.3 Medium

Access Vector | Access Complexity | Authentication | Confidentiality Impact | Integrity Impact | Availability Impact |
---|---|---|---|---|---|
NETWORK | MEDIUM | NONE | NONE | PARTIAL | NONE |

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS: 0.001 Low (Percentile: 36.9%)

marked is an application that is meant to parse and compile markdown. Due
to the way that marked 0.3.5 and earlier parses input, specifically HTML
entities, it's possible to bypass marked's content injection protection
(`sanitize: true`) to inject a `javascript:` URL. This flaw exists because
`&#xNNanything;` gets parsed to what it could and leaves the rest behind,
resulting in just `anything;` being left.

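
The parsing mismatch described above, as an added example that is not code from marked or from this advisory: a simplified model in which a filter that decodes only well-formed numeric references misses a scheme that a lenient decoder recovers, next to a scheme allowlist that normalises leniently first. The function names, the allowlist and the sample href are constructed for illustration, and only numeric references are decoded.

```javascript
// Added illustration: simplified models, not marked's source code.
const toChar = (n) => (n > 0 && n <= 0x10ffff ? String.fromCodePoint(n) : "\uFFFD");
const decodeWith = (re) => (s) =>
  s.replace(re, (_, hex, dec) => toChar(hex ? parseInt(hex, 16) : parseInt(dec, 10)));

// Strict view: only well-formed "&#DD;" / "&#xHH;" references are decoded.
const decodeStrict = decodeWith(/&#(?:x([0-9a-f]+)|([0-9]+));/gi);

// Lenient view (the behaviour the advisory describes): decode the digits
// that parse and leave whatever follows them in place; ";" is optional.
const decodeLenient = decodeWith(/&#(?:x([0-9a-f]+)|([0-9]+));?/gi);

// Assumed allowlist for this example; adjust to what the application needs.
const ALLOWED_SCHEMES = new Set(["http", "https", "mailto"]);

// Weak check: a blocklist applied to the strict view of the href.
function blocklistAllows(href) {
  return !decodeStrict(href).toLowerCase().startsWith("javascript:");
}

// Hardened check: normalise with the lenient view, drop whitespace and
// control characters, then accept only relative URLs or allowlisted schemes.
function allowlistAllows(href) {
  const seen = decodeLenient(href).replace(/[\u0000-\u0020\u007f]/g, "");
  const head = seen.split(/[\/?#]/, 1)[0]; // text before path, query, fragment
  if (head.includes("&")) return false;    // undecoded entity in scheme position
  const colon = head.indexOf(":");
  return colon === -1 || ALLOWED_SCHEMES.has(head.slice(0, colon).toLowerCase());
}

// Constructed sample: a malformed hex reference of the &#xNNanything; form.
const SAMPLE = "javascript&#x3Azz;void(0)";

console.log({
  strictView: decodeStrict(SAMPLE),
  lenientView: decodeLenient(SAMPLE),
  blocklistAllows: blocklistAllows(SAMPLE),
  allowlistAllows: allowlistAllows(SAMPLE),
});
```

The two views disagree on the sample, which is why the check has to run on the same interpretation the consumer of the output will apply.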
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 16.04 | noarch | node-marked | < any | UNKNOWN |
github.com/chjj/marked/pull/592
github.com/chjj/marked/pull/592/commits/2cff85979be8e7a026a9aca35542c470cf5da523
launchpad.net/bugs/cve/CVE-2016-10531
nodesecurity.io/advisories/101
nvd.nist.gov/vuln/detail/CVE-2016-10531
security-tracker.debian.org/tracker/CVE-2016-10531
www.cve.org/CVERecord?id=CVE-2016-10531