Known Vulnerabilities for products from Marktext

Listed below are 7 of the newest known vulnerabilities associated with the vendor "Marktext".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2023-2318 json DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbi... 9.6 - CRITICAL 2023-08-19 2023-08-24
CVE-2023-1004 json A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. Affected by this vulnerability... 7.8 - HIGH 2023-02-24 2023-11-07
CVE-2022-25069 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 9.6 - CRITICAL 2022-03-05 2022-03-10
CVE-2022-24123 json MarkText through 0.16.3 does not sanitize the input of a mermaid block before rendering. This could lead to Remote Code Execu... 9 - CRITICAL 2022-01-29 2022-02-04
CVE-2022-21158 json A stored cross-site scripting vulnerability in marktext versions prior to v0.17.0 due to improper handling of the link (with ... 5.4 - MEDIUM 2022-03-10 2022-03-15
CVE-2021-29996 json Mark Text through 0.16.3 allows attackers arbitrary command execution. This could lead to Remote Code Execution (RCE) by open... 9.6 - CRITICAL 2021-04-05 2021-04-12
CVE-2020-27176 json Mutation XSS exists in Mark Text through 0.16.2 that leads to Remote Code Execution. NOTE: this might be considered a duplica... 9.6 - CRITICAL 2020-10-16 2020-10-26

Known software with vulnerabilities from Marktext

Type Vendor Product Version
ApplicationMarktextMarktext0.0.1