PT-2026-57572 · Vnotex · Vnote
Sisubeny
·
Publicado
2026-07-12
·
Atualizado
2026-07-12
·
CVE-2026-15505
CVSS v3.1
3.5
Baixa
| Vetor | AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
A weakness has been identified in vnotex vnote up to 3.20.1. Impacted is an unknown function of the file /src/data/extra/web/js/markdownit.js of the component YAML Frontmatter. This manipulation of the argument p metaData causes cross site scripting. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Correção
Code Injection
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Vnote