Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, an attacker could capture user's session cookies or execute malicious Javascript when a victim edits a markdown file. Version 1.7.1 fixes this issue.
References
Link | Resource |
---|---|
https://github.com/Linbreux/wikmd/commit/259412c47d64d5b85980f95345179fbf05927798 | Patch Third Party Advisory |
https://github.com/Linbreux/wikmd/security/advisories/GHSA-9m4m-6gqx-gfj3 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2022-09-07T21:00:18
Updated: 2022-09-07T21:00:18
Reserved: 2022-07-15T00:00:00
Link: CVE-2022-36080
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-07T21:15:08.630
Modified: 2022-09-12T18:24:52.600
Link: CVE-2022-36080
JSON object: View
Redhat Information
No data.
CWE