CVE-2024-33300 Information

Description

Typora v1.0.0 through v1.7 version (below) Markdown editor has a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary code by uploading Markdown files.

Reference

https://github.com/whoisoo6/Stored-xss-vulnerability-exists-in-Typra