CVE-2022-21158

XSS in MarkText (MarkText における XSS)

MarkText contains a cross-site scripting vulnerability, which causes execution of arbitrary script upon opening the Markdown file from the application.

Disclosure Date

2022/03/02

Credit

Eiji Mori (@ei01241)

Affected-Versions

Marktext: v0.16.3 and earlier, Fixed in v0.17.0

CWE

CWE-79

Product-URLs

https://marktext.app/

Reference

https://www.cve.org/CVERecord?id=CVE-2022-21158
https://jvn.jp/jp/JVN89524240/
https://github.com/marktext/marktext/releases/tag/v0.17.0

Back

XSS in MarkText (MarkText における XSS)

Disclosure Date

Credit

Affected-Versions

CWE

Product-URLs

Reference

会社情報

サービス紹介

お問い合わせ