Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:40333
HistoryApr 28, 2023 - 11:47 a.m.

Cross-site Scripting (XSS)

2023-04-2811:47:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
cross-site scripting
xss
vulnerability
markdown editor
javascript
attacker

0.001 Low

EPSS

Percentile

29.5%

xdgithub.com/phachon/mm-wiki is vulnerable to Cross-site Scripting (XSS). The vulnerability exists in the markdown editor because the user roles are not properly restricted which allows an attacker to inject and execute arbitrary javascript.

0.001 Low

EPSS

Percentile

29.5%

Related for VERACODE:40333