Produkt Notable (...) - CVEMAP.ORG

Podatności dla 'Notable'

2022-03-27

CVE-2022-26198

CWE-94

Notable v1.8.4 does not filter text editing, allowing attackers to execute arbitrary code via a crafted payload injected into the Title text field.

2020-12-10

CVE-2020-16608

CWE-79

Notable 1.8.4 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true).

Copyright 2024, cxsecurity.com