Vulnerabilities > Inkdrop
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-30 | CVE-2023-44141 | Code Injection vulnerability in Inkdrop Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file. | 7.8 |
| 2023-01-09 | CVE-2022-46603 | Cross-site Scripting vulnerability in Inkdrop 5.4.1 An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary commands via uploading a crafted markdown file. | 6.1 |
| 2021-06-28 | CVE-2021-20745 | OS Command Injection vulnerability in Inkdrop Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop. | 9.3 |