Vulnerabilities > Inkdrop

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-30	CVE-2023-44141	Code Injection vulnerability in Inkdrop Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file. local low complexity inkdrop CWE-94	7.8
2023-01-09	CVE-2022-46603	Cross-site Scripting vulnerability in Inkdrop 5.4.1 An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary commands via uploading a crafted markdown file. network low complexity inkdrop CWE-79	6.1
2022-09-09	CVE-2022-38639	Cross-site Scripting vulnerability in Inkdrop Markdown Nice 1.8.22 A cross-site scripting (XSS) vulnerability in Markdown-Nice v1.8.22 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Community Posting field. network low complexity inkdrop CWE-79	5.4
2021-06-28	CVE-2021-20745	OS Command Injection vulnerability in Inkdrop Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop. local low complexity inkdrop CWE-78	7.8

Vulnerabilities > Inkdrop {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Inkdrop"}]}