Md Fileserver
by Commenthol
Source repositories
CVEs (1)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46492 | hig | 0.45 | — | — | May 21, 2026 | ### Summary A cross-site scripting (XSS) vulnerability exists in the application’s Markdown rendering logic. When user-supplied Markdown content is rendered, embedded raw HTML—including ``` Open it on browser. View the HTTP request in Burp Collaborator. ### Impact Successful exploitation allows an attacker to execute arbitrary JavaScript in the victim’s browser, leading to: - Session hijacking - Account takeover - Credential theft - Defacement or injection of malicious content - Exfiltration of sensitive data via API tokens, CSRF tokens, or user information This affects all users who can view Markdown content within the application. |
- risk 0.45cvss —epss —
### Summary A cross-site scripting (XSS) vulnerability exists in the application’s Markdown rendering logic. When user-supplied Markdown content is rendered, embedded raw HTML—including ``` Open it on browser. View the HTTP request in Burp Collaborator. ### Impact Successful exploitation allows an attacker to execute arbitrary JavaScript in the victim’s browser, leading to: - Session hijacking - Account takeover - Credential theft - Defacement or injection of malicious content - Exfiltration of sensitive data via API tokens, CSRF tokens, or user information This affects all users who can view Markdown content within the application.