RSS   Vulnerabilities for 'VMD'   RSS

2021-05-17
 
CVE-2021-33041

CWE-79
 
 
vmd through 1.34.0 allows 'div class="markdown-body"' XSS, as demonstrated by Electron remote code execution via require('child_process').execSync('calc.exe') on Windows and a similar attack on macOS.

 

Copyright 2024, cxsecurity.com

 

Back to Top