Moderate severityOSV Advisory· Published Mar 13, 2019· Updated Aug 4, 2024
CVE-2019-9737
CVE-2019-9737
Description
Editor.md 1.5.0 has DOM-based XSS via vectors involving the '<EMBED SRC="data:image/svg+xml' substring.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/advisories/GHSA-2j5v-fc74-j9q2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-9737ghsaADVISORY
- github.com/pandao/editor.md/issues/662ghsax_refsource_MISCWEB
- www.npmjs.com/advisories/794ghsaWEB
News mentions
0No linked articles in our index yet.