Disclosure Date 2022/03/02
CVE-2022-21158
Cross-site Scripting in MarkText
MarkText における XSS (クロスサイトスクリプティング)
Credit
Eiji Mori (@ei01241)
Affected-Versions
Marktext: v0.16.3 and earlier, Fixed in v0.17.0
CWE
- CWE-79
Description
MarkText contains a cross-site scripting vulnerability, which causes execution of arbitrary script upon opening the Markdown file from the application.