Vulnerabilities > Khanacademy > Simple Markdown > 0.3.2

DATE CVE VULNERABILITY TITLE RISK
2019-04-09 CVE-2019-9844 Cross-site Scripting vulnerability in multiple products
simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI.
network
low complexity
khanacademy fedoraproject CWE-79
6.1
6.1