Security
Headlines

Headlines Latest CVEs

Headline

GHSA-vfmp-9999-6wqj: Vditor Cross-site Scripting vulnerability

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue.

1 year ago

#xss #vulnerability #git

Vditor Cross-site Scripting vulnerability

Moderate severity GitHub Reviewed Published Feb 21, 2023 to the GitHub Advisory Database • Updated Feb 22, 2023

Related news

CVE-2021-32855: :lock: https://github.com/Vanessa219/vditor/issues/1085 · Vanessa219/vditor@1b2382d

Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue.

1 year ago

#xss #vulnerability #git

ghsa: Latest News

GHSA-hqmp-g7ph-x543: TunnelVision - decloaking VPNs using DHCP

1 day ago

GHSA-j5vv-6wjg-cfr8: changedetection.io Vulnerable to Improper Input Validation Leading to LFR/Path Traversal

1 day ago

GHSA-qx95-cwh6-9mvq: TCPDF missing character escape on error messages

2 days ago

GHSA-w95c-7994-ghpr: TCPDF has incorrect comparison

2 days ago

GHSA-4p8j-vhjm-6pvw: TCPDF lacks SVG sanitization

2 days ago