VYPR
Medium severity6.1NVD Advisory· Published May 26, 2021· Updated Jun 17, 2026

CVE-2020-18221

CVE-2020-18221

Description

Cross Site Scripting (XSS) in Typora v0.9.65 and earlier allows remote attackers to execute arbitrary code by injecting commands during block rendering of a mathematical formula.

Affected products

2
  • Typora/Typoradescription
  • Typora/Typorallm-fuzzy
    Range: <=0.9.65

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.