Vulnerabilities > CVE-2020-20269 - Unspecified vulnerability in Caret

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

caret

critical

NVD

Published: 2021-01-26

Updated: 2021-01-30

Summary

A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22.

Vulnerable Configurations

Part	Description	Count
Application	Caret Caret Caret 1.1.0 Caret Caret 1.2.0 Caret Caret 1.2.1 Caret Caret 1.2.2 Caret Caret 1.3.4 Caret Caret 1.4.0 Caret Caret 1.5.0 Caret Caret 1.5.1 Caret Caret 1.5.2 Caret Caret 1.5.3 Caret Caret 1.5.4 Caret Caret 1.6.0 Caret Caret 1.6.1 Caret Caret 1.7.0 Caret Caret 1.7.1 Caret Caret 1.7.2 Caret Caret 1.8.0 Caret Caret 1.8.1 Caret Caret 1.8.2 Caret Caret 1.9.0 Caret Caret 1.9.1 Caret Caret 1.9.2 Caret Caret 1.9.3 Caret Caret 1.10.0 Caret Caret 1.11.0 Caret Caret 1.11.1 Caret Caret 1.11.2 Caret Caret 1.11.3 Caret Caret 1.12.0 Caret Caret 1.12.1 Caret Caret 1.12.2 Caret Caret 1.13.0 Caret Caret 1.13.1 Caret Caret 1.13.2 Caret Caret 1.13.3 Caret Caret 1.13.4 Caret Caret 1.14.0 Caret Caret 1.14.1 Caret Caret 1.14.2 Caret Caret 1.14.3 Caret Caret 1.15.0 Caret Caret 1.15.1 Caret Caret 2.0.0 Caret Caret 2.0.1 Caret Caret 2.0.2 Caret Caret 2.0.3 Caret Caret 2.0.4 Caret Caret 2.0.5 Caret Caret 2.0.6 Caret Caret 2.0.7 Caret Caret 2.0.8 Caret Caret 2.0.9 Caret Caret 2.0.10 Caret Caret 2.0.11 Caret Caret 2.1.0 Caret Caret 2.1.1 Caret Caret 2.1.2 Caret Caret 2.1.3 Caret Caret 3.0.0 Caret Caret 3.0.1 Caret Caret 3.0.2 Caret Caret 3.1.0 Caret Caret 3.2.0 Caret Caret 3.2.1 Caret Caret 3.2.2 Caret Caret 3.2.3 Caret Caret 3.3.0 Caret Caret 3.3.1 Caret Caret 3.4.0 Caret Caret 3.4.1 Caret Caret 3.4.2 Caret Caret 3.4.3 Caret Caret 3.4.4 Caret Caret 3.4.5 Caret Caret 3.4.6 Caret Caret 4.0.0	99

Summary

Vulnerable Configurations

References