Vulnerabilities (CVE)

Filtered by vendor Gitbook Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-19596 1 Gitbook 1 Gitbook 2024-02-04 3.5 LOW 5.4 MEDIUM
GitBook through 2.6.9 allows XSS via a local .md file.
CVE-2017-16019 1 Gitbook 1 Gitbook 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
GitBook is a command line tool (and Node.js library) for building beautiful books using GitHub/Git and Markdown (or AsciiDoc). Stored Cross-Site-Scripting (XSS) is possible in GitBook before 3.2.2 by including code outside of backticks in any ebook. This code will be executed on the online reader.