Vulnerabilities > Marktext > Marktext > 0.16.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-19 | CVE-2023-2318 | Cross-site Scripting vulnerability in Marktext DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. | 9.6 |
2023-02-24 | CVE-2023-1004 | Code Injection vulnerability in Marktext A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. | 7.8 |
2022-03-05 | CVE-2022-25069 | Cross-site Scripting vulnerability in Marktext 0.16.3 Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability which allows attackers to perform remote code execution (RCE) via injecting a crafted payload into /lib/contentState/pasteCtrl.js. | 6.8 |