Typora
by Typora
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-33300 | 0.00 | — | 0.01 | May 1, 2024 | Typora v1.0.0 through v1.7 version (below) Markdown editor has a cross-site scripting (XSS) vulnerability, which allows attackers to execute arbitrary code by uploading Markdown files. | |||
| CVE-2024-31784 | 0.00 | — | 0.00 | Apr 16, 2024 | An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the src component. | |||
| CVE-2024-31783 | 0.00 | — | 0.00 | Apr 16, 2024 | Cross Site Scripting (XSS) vulnerability in Typora v.1.6.7 and before, allows a local attacker to obtain sensitive information via a crafted script during markdown file creation. | |||
| CVE-2019-20374 | Cri | 0.00 | 9.6 | 0.02 | Jan 9, 2020 | A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81 on Linux leads to Remote Code Execution through Mermaid code blocks. To exploit this vulnerability, one must open a file in Typora. The XSS vulnerability is then triggered due to… |
- CVE-2024-33300May 1, 2024risk 0.00cvss —epss 0.01
Typora v1.0.0 through v1.7 version (below) Markdown editor has a cross-site scripting (XSS) vulnerability, which allows attackers to execute arbitrary code by uploading Markdown files.
- CVE-2024-31784Apr 16, 2024risk 0.00cvss —epss 0.00
An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the src component.
- CVE-2024-31783Apr 16, 2024risk 0.00cvss —epss 0.00
Cross Site Scripting (XSS) vulnerability in Typora v.1.6.7 and before, allows a local attacker to obtain sensitive information via a crafted script during markdown file creation.
- risk 0.00cvss 9.6epss 0.02
A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81 on Linux leads to Remote Code Execution through Mermaid code blocks. To exploit this vulnerability, one must open a file in Typora. The XSS vulnerability is then triggered due to…
Page 2 of 2