CVE-2020-19697

pandao/editor.md

on github

Published

April 4, 2023

Severity

CVSS v3:

6.1 MEDIUM

CVSS v2:

N/A

Description

Cross Site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows a remote attacker to execute arbitrary code via a crafted script in the <iframe>src parameter.

References

https://github.com/pandao/editor.md/issues/701

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:ipandao:editor.md:1.5.0:::::::*	n/a	n/a	1.5.0

External Links

NVD - CVE-2020-19697