Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionGitHub Advisory
BentoPDF is a client-side PDF toolkit that is self hostable. Prior to version 2.8.3, a cross-site scripting vulnerability was identified in BentoPD. An attacker may be able to execute arbitrary JavaScript in certain circumstances in Markdown to PDF Tool. This issue has been patched in version 2.8.3.
AnalysisAI
Cross-site scripting in BentoPDF's Markdown to PDF Tool allows remote attackers to execute arbitrary JavaScript when users interact with malicious Markdown content. Affects all versions prior to 2.8.3. Vendor-released patch version 2.8.3 available with immediate upgrade recommended by maintainer. No public exploit identified at time of analysis, though vulnerability was responsibly disclosed by independent researcher. CVSS 7.0 with network attack vector but requires user interaction, reducing automation potential.
Technical ContextAI
BentoPDF is a client-side, self-hostable PDF toolkit that converts Markdown documents to PDF format. The vulnerability exists in the Markdown to PDF conversion feature, classified as CWE-79 (Improper Neutralization of Input During Web Page Generation). This occurs when user-supplied Markdown content is rendered in the browser without proper sanitization, allowing HTML/JavaScript injection. The fix in version 2.8.3 includes upgrading DOMPurify from 3.3.3 to 3.4.0 (evidenced in release notes), indicating the sanitization library was either missing, misconfigured, or contained a bypass in earlier versions. As a client-side application (cpe:2.3:a:alam00000:bentopdf), the XSS executes in the victim's browser context when processing attacker-controlled Markdown, potentially compromising session tokens, manipulating PDF output, or exfiltrating data from the application.
RemediationAI
Upgrade to BentoPDF version 2.8.3 immediately (https://github.com/alam00000/bentopdf/releases/tag/v2.8.3). The maintainer explicitly recommends all users upgrade with urgency due to the security-critical nature of this fix. Version 2.8.3 incorporates DOMPurify 3.4.0 and addresses the XSS vulnerability per GHSA-6vh8-4frx-647f. If immediate upgrade is not feasible, implement strict input validation on Markdown sources: only process Markdown from trusted, authenticated users; reject or sanitize any external/untrusted Markdown files before processing; deploy Content Security Policy headers to restrict inline script execution and limit XSS impact (add 'script-src self' and remove 'unsafe-inline', though this may break legitimate functionality requiring testing). Run BentoPDF in isolated browser contexts or sandboxed iframes to contain potential XSS impact. Disable or restrict access to the Markdown to PDF tool if not operationally required. Note that CSP and sandboxing are defense-in-depth measures with operational overhead and may interfere with normal PDF generation features - upgrade to 2.8.3 remains the primary and most complete mitigation.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-28404