Untrusted Markdown Content Vulnerability in Documize before 3.5.1

Untrusted Markdown Content Vulnerability in Documize before 3.5.1

CVE-2019-19619 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

domain/section/markdown/markdown.go in Documize before 3.5.1 mishandles untrusted Markdown content. This was addressed by adding the bluemonday HTML sanitizer to defend against XSS.

Learn more about our Web Application Penetration Testing UK.