Cross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477, allows remote attackers to execute arbirary code via crafted payload or opening malicious .md file.
References
Link | Resource |
---|---|
https://github.com/jbt/markdown-editor/commit/228f1947a5242a6fbe2995d72d21b7e5f5178f35 | Patch |
https://github.com/jbt/markdown-editor/issues/106 | Exploit Issue Tracking Third Party Advisory |
https://github.com/jbt/markdown-editor/pull/110 | Patch |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-08-11T00:00:00
Updated: 2023-08-11T00:00:00
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-19952
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-08-11T14:15:09.927
Modified: 2023-08-18T18:14:11.300
Link: CVE-2020-19952
JSON object: View
Redhat Information
No data.
CWE