VYPR
Unrated severityNVD Advisory· Published Feb 24, 2023· Updated Nov 22, 2024

MarkText WSH JScript code injection

CVE-2023-1004

Description

A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. Affected by this vulnerability is an unknown functionality of the component WSH JScript Handler. The manipulation leads to code injection. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-221737 was assigned to this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Marktext/Marktextcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=0.17.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.