DOM XSS vulnerability in pandao Editor.md 1.5.0 via mishandling of input starting with <<.

DOM XSS vulnerability in pandao Editor.md 1.5.0 via mishandling of input starting with <<.

CVE-2018-19056 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

pandao Editor.md 1.5.0 has DOM XSS via input starting with a "<<" substring, which is mishandled during construction of an A element.

Learn more about our Web Application Penetration Testing UK.