Skip to main content

Inkdrop

2 CVEs product

Monthly

CVE-2023-44141 HIGH This Week

Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Inkdrop
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-20745 HIGH This Week

Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Inkdrop
NVD
CVSS 3.1
7.8
EPSS
1.0%
EPSS 0% CVSS 7.8
HIGH This Week

Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Inkdrop
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Inkdrop
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy