PT-2026-57572 · Vnotex · Vnote

Sisubeny

·

Publicado

2026-07-12

·

Atualizado

2026-07-12

·

CVE-2026-15505

CVSS v3.1

3.5

Baixa

VetorAV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
A weakness has been identified in vnotex vnote up to 3.20.1. Impacted is an unknown function of the file /src/data/extra/web/js/markdownit.js of the component YAML Frontmatter. This manipulation of the argument p metaData causes cross site scripting. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Correção

Code Injection

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-15505

Produtos afetados

Vnote