Skip to main content

Simple Markdown

1 CVEs product

Monthly

CVE-2019-9844 npm MEDIUM PATCH This Month

simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Simple Markdown Fedora
NVD GitHub
CVSS 3.0
6.1
EPSS
1.3%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Simple Markdown Fedora
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy