Inkdrop

inkdrop

4 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-44141 1Inkdrop 1Inkdrop Nov 21, 2024 Oct 30, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file.
CVE-2022-46603 1Inkdrop 1Inkdrop Apr 9, 2025 Jan 9, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary commands via uploading a crafted markdown file.
CVE-2022-38639 1Inkdrop 1Markdown Nice Nov 21, 2024 Sep 9, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A cross-site scripting (XSS) vulnerability in Markdown-Nice v1.8.22 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Community Posting field.
CVE-2021-20745 1Inkdrop 1Inkdrop Nov 21, 2024 Jun 28, 2021 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop.