VYPR
Unrated severityNVD Advisory· Published Jul 29, 2024· Updated Aug 5, 2024

Note Mark has a stored XSS in the note link href attribute

CVE-2024-41819

Description

Note Mark is a web-based Markdown notes app. A stored cross-site scripting (XSS) vulnerability in Note Mark allows attackers to execute arbitrary web scripts via a crafted payload injected into the URL value of a link in the markdown content. This vulnerability is fixed in 0.13.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Enchant97/Note Markllm-fuzzy2 versions
    <0.13.1+ 1 more
    • (no CPE)range: <0.13.1
    • (no CPE)range: <= 0.13.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.