CVE-2020-19952 Information

Aug 12, 2023 cve

Description

Cross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477 allows remote attackers to execute arbirary code via crafted payload or opening malicious .md file.

Reference

https://github.com/jbt/markdown-editor/issues/106 https://github.com/jbt/markdown-editor/commit/228f1947a5242a6fbe2995d72d21b7e5f5178f35 https://github.com/jbt/markdown-editor/pull/110

Share on: