Caret is vulnerable to an XSS attack when the user opens a crafted Markdown file while preview mode is enabled. This directly leads to client-side code execution.
References
| Link | Resource |
|---|---|
| https://research.jfrog.com/vulnerabilities/caret-xss-rce/ | Exploit, Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: JFROG
Published: 2023-01-11T00:00:00
Updated: 2023-01-11T00:00:00
Reserved: 2022-10-15T00:00:00
Link: CVE-2022-42967
NVD Information
Status: Analyzed
Published: 2023-01-11T13:15:09.197
Modified: 2023-01-18T21:28:28.420
Link: CVE-2022-42967
Redhat Information
No data.
CWE