VYPR

wikmd

by Linbreux

CVEs (2)

  • CVE-2022-36081HigSep 7, 2022
    risk 0.00cvss 7.5epss 0.01

    Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing `/list/<path:folderpath>` and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue.

  • CVE-2022-36080MedSep 7, 2022
    risk 0.00cvss 6.1epss 0.00

    Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, an attacker could capture user's session cookies or execute malicious Javascript when a victim edits a markdown file. Version 1.7.1 fixes this issue.