Arbitrary Code Injection through Markdown Text in pandao editor.md (<= 1.5.0)

Arbitrary Code Injection through Markdown Text in pandao editor.md (<= 1.5.0)

CVE-2023-29641 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Cross Site Scripting (XSS) vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text.

Learn more about our Web App Pen Testing.