Skip to main content

Docsify

3 CVEs product

Monthly

CVE-2021-30074 npm MEDIUM POC PATCH This Month

docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the search component does not appropriately encode Code Blocks and mishandles the " character. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Docsify
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-23342 npm MEDIUM POC PATCH This Month

This affects the package docsify before 4.12.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Docsify
NVD GitHub
CVSS 3.1
6.1
EPSS
1.7%
CVE-2020-7680 npm MEDIUM POC PATCH This Month

docsify prior to 4.11.4 is susceptible to Cross-site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Docsify
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
4.5%
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the search component does not appropriately encode Code Blocks and mishandles the " character. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Docsify
NVD GitHub
EPSS 2% CVSS 6.1
MEDIUM POC PATCH This Month

This affects the package docsify before 4.12.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Docsify
NVD GitHub
EPSS 4% CVSS 6.1
MEDIUM POC PATCH This Month

docsify prior to 4.11.4 is susceptible to Cross-site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Docsify
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy