RSS   Vulnerabilities for 'Editor.md'   RSS

2018-11-07
 
CVE-2018-19056

CWE-79
 

 
pandao Editor.md 1.5.0 has DOM XSS via input starting with a "<<" substring, which is mishandled during construction of an A element.

 
2018-09-01
 
CVE-2018-16330

CWE-79
 

 
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.

 


Copyright 2019, cxsecurity.com

 

Back to Top