← Back

Gitnote

gitnote

Vendor: Gitnoteapp • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-9785
1Gitnoteapp
1Gitnote
Nov 21, 2024
Mar 14, 2019
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
gitnote 3.1.0 allows remote attackers to execute arbitrary code via a crafted Markdown file, as demonstrated by a javascript:window.parent.top.require('child_process').execFile substring in the onerror attribute of an IM...Show more
gitnote 3.1.0 allows remote attackers to execute arbitrary code via a crafted Markdown file, as demonstrated by a javascript:window.parent.top.require('child_process').execFile substring in the onerror attribute of an IMG element.Show less