CVE-2024-41482

Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the MathJax component.
References
Link Resource
https://support.typora.io/What%27s-New-1.9/ Release Notes
Configurations

Configuration 1 (hide)

cpe:2.3:a:typora:typora:*:*:*:*:*:*:*:*

History

13 Aug 2024, 14:51

Type Values Removed Values Added
Summary
  • (es) Typora anterior a 1.9.3 Markdown editor tiene una vulnerabilidad de cross site scripting (XSS) a través del componente MathJax.
References () https://support.typora.io/What%27s-New-1.9/ - () https://support.typora.io/What%27s-New-1.9/ - Release Notes
CPE cpe:2.3:a:typora:typora:*:*:*:*:*:*:*:*
CWE CWE-79
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1
First Time Typora typora
Typora

12 Aug 2024, 13:41

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-12 13:38

Updated : 2024-08-13 14:51


NVD link : CVE-2024-41482

Mitre link : CVE-2024-41482

CVE.ORG link : CVE-2024-41482


JSON object : View

Products Affected

typora

  • typora
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')