Stored Cross-Site Scripting (XSS) Vulnerability in GitBook

Stored Cross-Site Scripting (XSS) Vulnerability in GitBook

CVE-2017-16019 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

GitBook is a command line tool (and Node.js library) for building beautiful books using GitHub/Git and Markdown (or AsciiDoc). Stored Cross-Site-Scripting (XSS) is possible in GitBook before 3.2.2 by including code outside of backticks in any ebook. This code will be executed on the online reader.

Learn more about our Web Application Penetration Testing UK.