PT-2019-13727 · Editor.Md · Editor.Md

Pzyc0Ko

·

Published

2019-08-01

·

Updated

2019-08-23

·

CVE-2019-14517

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Editor.md version 1.5.0
Description The issue allows for XSS via the Javascript: string.
Recommendations For version 1.5.0, update to a newer version that contains a fix for this issue.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2019-14517
GHSA-5Q54-8P9J-X74J

Affected Products

Editor.Md