RSS   Vulnerabilities for 'Gitnote'   RSS

2019-03-14
 
CVE-2019-9785

 

 
gitnote 3.1.0 allows remote attackers to execute arbitrary code via a crafted Markdown file, as demonstrated by a javascript:window.parent.top.require('child_process').execFile substring in the onerror attribute of an IMG element.

 


Copyright 2024, cxsecurity.com

 

Back to Top