CNNVD-202507-2444 Information

CNNVD ID

CNNVD-202507-2444

Related CVE

CVE-2025-54075

• CNNVD Published: 2025-07-18

Description (Chinese)

Nuxt MDC是Nuxt开源的一个应用程序，增强了常规 Markdown 的能力。 Nuxt MDC 0.17.2之前版本存在跨站脚本漏洞，该漏洞源于Markdown处理不当，可能导致存储型跨站脚本攻击。

Description (English)

Nuxt MDC is an application from Nuxt Open Source, which enhances the capability of the regular Markdown. The previous version of Nuxt MDC 0.17.2 had a cross-site script loophole, which stemmed from the mishandling of Markdown and could lead to a storage-type cross-site script attack.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

Nuxt

Published

2025-07-18

Last Modified

2026-02-24

References

https://github.com/nuxt-modules/mdc/commit/3657a5bf2326a73cd3d906f57149146a412b962a https://github.com/nuxt-modules/mdc/security/advisories/GHSA-cj6r-rrr9-fg82 https://access.redhat.com/security/cve/cve-2025-54075 https://nvd.nist.gov/vuln/detail/CVE-2025-54075

Patch

https://github.com/nuxt-modules/mdc/releases