Filtered by vendor Quantizor
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-21535 | 1 Quantizor | 1 Markdown-to-jsx | 2024-10-17 | N/A | 6.1 MEDIUM |
| Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown. | |||||