Show filters
11 Total Results
Displaying 1-10 of 11
Sort by:
Attacker Value
Unknown

CVE-2020-19660

Disclosure Date: May 08, 2023 (last updated October 08, 2023)
Cross Site Scripting (XSS) pandao editor.md 1.5.0 allows attackers to execute arbitrary code via crafted linked url values.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-29641

Disclosure Date: May 01, 2023 (last updated October 08, 2023)
Cross Site Scripting (XSS) vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-19698

Disclosure Date: April 04, 2023 (last updated October 08, 2023)
Cross Site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows a remote attacker to execute arbitrary code via a crafted script to the editor parameter.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-19697

Disclosure Date: April 04, 2023 (last updated October 08, 2023)
Cross Site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows a remote attacker to execute arbitrary code via a crafted script in the <iframe>src parameter.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-14653

Disclosure Date: August 03, 2019 (last updated November 27, 2024)
pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element.
0
0
Attacker Value
Unknown

CVE-2019-14517

Disclosure Date: August 01, 2019 (last updated November 27, 2024)
pandao Editor.md 1.5.0 allows XSS via the Javas&#99;ript: string.
0
0
Attacker Value
Unknown

CVE-2019-9737

Disclosure Date: March 13, 2019 (last updated November 27, 2024)
Editor.md 1.5.0 has DOM-based XSS via vectors involving the '<EMBED SRC="data:image/svg+xml' substring.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-19056

Disclosure Date: November 07, 2018 (last updated November 27, 2024)
pandao Editor.md 1.5.0 has DOM XSS via input starting with a "<<" substring, which is mishandled during construction of an A element.
0
0
Attacker Value
Unknown

CVE-2018-18919

Disclosure Date: November 04, 2018 (last updated November 27, 2024)
The WP Editor.md plugin 10.0.1 for WordPress allows XSS via the comment area.
0
0
Attacker Value
Unknown

CVE-2018-16330

Disclosure Date: September 02, 2018 (last updated November 27, 2024)
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.
0
0
View More Topics  Next >