Lucene search
Veracode Vulnerability DatabaseVERACODE:25820HistoryJul 07, 2020 - 7:40 a.m.
Cross-Site Scripting (XSS)
2020-07-0707:40:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
EPSS
0.001
Percentile
34.9%
markdown2 is vulnerable to cross-site scripting (XSS) attacks. The vulnerability is introduced because of using a loosely defined regular expression for _incomplete_tags_re string in the function _encode_amps_and_angles causing a bypass of HTML element if a user passes a malicious string with a new line that does not match to .+. The vulnerability exists due to an incomplete fix for CVE-2018-5773.
Related
nessus
nessus
Fedora 29 : python-markdown2 (2018-6a8028084d)
2019-01-03 00:00:00
Fedora 29 : python-markdown2 (2019-095c760511)
2019-02-19 00:00:00
Fedora 28 : python-markdown2 (2019-a16e1127d3)
2019-02-19 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: python-markdown2-2.3.6-1.fc29
2018-10-09 00:07:50
[SECURITY] Fedora 28 Update: python-markdown2-2.3.6-1.fc28
2018-10-10 22:47:15
[SECURITY] Fedora 29 Update: python-markdown2-2.3.7-1.fc29
2019-02-18 02:05:34
osv
osv
CVE-2018-5773
2018-01-18 21:29:00
markdown2 is vulnerable to cross-site scripting
2018-07-12 20:29:21
PYSEC-2018-13
2018-01-18 21:29:00
github
github
markdown2 is vulnerable to cross-site scripting
2018-07-12 20:29:21
nvd
nvd
CVE-2018-5773
2018-01-18 21:29:00
openvas
openvas
Fedora Update for python-markdown2 FEDORA-2019-a16e1127d3
2019-02-18 00:00:00
Fedora Update for python-markdown2 FEDORA-2019-095c760511
2019-05-07 00:00:00
Fedora Update for python-markdown2 FEDORA-2018-dd98177cad
2018-10-11 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2018-01-19 04:50:24
prion
prion
Design/Logic Flaw
2018-01-18 21:29:00
cvelist
cvelist
CVE-2018-5773
2018-01-18 21:00:00
cve
cve
CVE-2018-5773
2018-01-18 21:29:00