VYPR
Medium severity6.1OSV Advisory· Published Jul 8, 2018· Updated Jun 17, 2026

CVE-2018-13433

CVE-2018-13433

Description

Boostnote v0.11.7 allows XSS during highlighting of Markdown text, as demonstrated by an onerror attribute of an IMG element.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Boostio/BoostnoteOSV2 versions
    0.2.1, prototype#1, v.0.8.11, …+ 1 more
    • (no CPE)range: 0.2.1, prototype#1, v.0.8.11, …
    • (no CPE)range: =0.11.7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.