Vulnerabilities > Marked Project > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-06 | CVE-2014-3743 | Cross-site Scripting vulnerability in Marked Project Marked Multiple cross-site scripting (XSS) vulnerabilities in the Marked module before 0.3.1 for Node.js allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) gfm codeblocks (language) or (2) javascript url's. | 6.1 |
| 2018-05-31 | CVE-2016-10531 | Cross-site Scripting vulnerability in Marked Project Marked marked is an application that is meant to parse and compile markdown. | 6.1 |
| 2018-01-02 | CVE-2017-1000427 | Cross-site Scripting vulnerability in Marked Project Marked marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser. | 6.1 |