CNNVD-202601-2775 Information

CNNVD ID

CNNVD-202601-2775

Related CVE

CVE-2021-47837

• CNNVD Published: 2026-01-16

Description (Chinese)

Markdownify是Amit Merchant个人开发者的一个基于 Electron 构建的最小 Markdown Editor 桌面应用程序。 Markdownify 1.2.0版本存在安全漏洞，该漏洞源于markdown文件存在存储型跨站脚本，可能导致远程代码执行。

Description (English)

Markdownify is the smallest Markdown Editor desktop application built on Electron by Amit Merchant personal developer. The security loophole in version Markdownify 1.2.0 stems from the existence of a storage cross-site script for the Markdowndown file, which may result in remote code execution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-16

Last Modified

2026-02-24

References

https://github.com/amitmerchant1990/electron-markdownify https://imgur.com/a/T4jBoiS https://www.exploit-db.com/exploits/49835 https://www.vulncheck.com/advisories/markdownify-persistent-cross-site-scripting