Hedgedoc

Hedgedoc

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2021-21259

Exploit
  • EPSS 0.27%
  • Veröffentlicht 22.01.2021 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:47:52

HedgeDoc is open source software which lets you create real-time collaborative markdown notes. In HedgeDoc before version 1.7.2, an attacker can inject arbitrary JavaScript into a HedgeDoc note, which is executed when the note is viewed in slide mode...

7.5

CVE-2020-26286

  • EPSS 1.31%
  • Veröffentlicht 29.12.2020 00:15:12
  • Zuletzt bearbeitet 21.11.2024 05:19:45

HedgeDoc is a collaborative platform for writing and sharing markdown. In HedgeDoc before version 1.7.1 an unauthenticated attacker can upload arbitrary files to the upload storage backend including HTML, JS and PHP files. The problem is patched in H...

8.7

CVE-2020-26287

Exploit
  • EPSS 0.55%
  • Veröffentlicht 29.12.2020 00:15:12
  • Zuletzt bearbeitet 21.11.2024 05:19:45

HedgeDoc is a collaborative platform for writing and sharing markdown. In HedgeDoc before version 1.7.1 an attacker can inject arbitrary `script` tags in HedgeDoc notes using mermaid diagrams. Our content security policy prevents loading scripts from...