CVE-2024-53930

Name of the Vulnerable Software and Affected Versions: WikiDocs versions prior to 1.0.65

Description: The issue concerns a stored XSS vulnerability that can be exploited by authenticated users. It occurs due to the mishandling of data by a KaTeX parser, specifically when the data comes after $$. This allows for the crafting of malicious input that can lead to cross-site scripting. There is no information provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations: For versions prior to 1.0.65, update to version 1.0.65 to resolve the issue. As a temporary workaround, consider restricting access to the KaTeX parser or disabling the parsing of data that comes after $$ until the update can be applied.