Disclosure Date 2022/03/02

CVE-2022-21158

Cross-site Scripting in MarkText

MarkText におけるXSS(クロスサイトスクリプティング)

Credit

Eiji Mori (@ei01241)

Affected-Versions

v0.16.3 and lower, Fixed in v0.17.0

CWE

CWE-79

Description

MarkText contains a cross-site scripting vulnerability, which causes execution of arbitrary script upon opening the Markdown file from the application.

Back