CVE-2025-56683
Published
CVSS v3
9.6
CRITICAL
CVSS v2
N/A
Affected
2
PROJECTS
Description
A cross-site scripting (XSS) vulnerability in the component /app/marketplace.html of Logseq v0.10.9 allows attackers to execute arbitrary code via injecting arbitrary Javascript into a crafted README.md file.
:dart: List of publicly disclosed application vulnerabilities that I found, reported and were attributed to me.
GitHubA privacy-first, open-source platform for knowledge management and collaboration. Download link: http://github.com/logseq/logseq/releases. roadmap: https://logseq.io/p/NX4mc_ggEV
GitHub