CVE-2024-21535 - Markdown-to-jsx Cross-site Scripting (XSS)

1 month ago 16

ARTICLE AD BOX

CVE ID : CVE-2024-21535
Published : Oct. 15, 2024, 5:15 a.m. | 24 minutes ago
Description : Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Read Entire Article

CVE-2024-21535 - Markdown-to-jsx Cross-site Scripting (XSS)

ARTICLE AD BOX

Related

CVE-2024-49203 - Querydsl JPA orderBy SQL Injection

CVE-2024-52702 - MyBB Stored XSS Vulnerability

CVE-2024-48986 - Micrium mBedOS HCI Buffer Overflow Vulnerab...

Trending

Popular

CVE-2024-6343 - Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W...

CVE-2024-5053 - Fluent Forms Mailchimp API Key Update Weakne...

CVE-2024-8367 - HM Courts & Tribunals Service Probate Back O...

CVE-2024-44946 - Linux KCM kcm_sendmsg() UAF

CVE-2024-8368 - "Code-projects Hospital Management System SQ...