Lucene search
Veracode Vulnerability DatabaseVERACODE:22128HistoryDec 06, 2019 - 8:47 a.m.
Cross-Site Scripting (XSS)
2019-12-0608:47:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
30.8%
github.com/documize/community is vulnerable to cross-site scripting (XSS). The application does not properly convert markdown data into HTML. An attacker will potentially be able to inject and execute arbitrary Javascript in a victim’s browser. The bluemonday HTML sanitizer is used to address this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/documize/community | eq | HEAD | |
| github.com/documize/community | le | 3.5.0 |
Related
cve
cve
CVE-2019-19619
2019-12-06 04:15:10
prion
prion
Design/Logic Flaw
2019-12-06 04:15:00
osv
osv
Cross-site scripting in github.com/documize/community
2021-04-14 20:04:52
Cross-site Scripting in Documize
2021-05-18 15:30:30
CVE-2019-19619
2019-12-06 04:15:10
nvd
nvd
CVE-2019-19619
2019-12-06 04:15:10
github
github
Cross-site Scripting in Documize
2021-05-18 15:30:30
cvelist
cvelist
CVE-2019-19619
2019-12-06 03:28:46