Vulnerabilities > Zettlr

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-03	CVE-2022-40276	Improper Input Validation vulnerability in Zettlr 2.3.0 Zettlr version 2.3.0 allows an external attacker to remotely obtain arbitrary local files on any client that attempts to view a malicious markdown file through Zettlr. local low complexity zettlr CWE-20	5.5
2021-06-18	CVE-2021-26835	Cross-site Scripting vulnerability in Zettlr 1.8.7 No filtering of cross-site scripting (XSS) payloads in the markdown-editor in Zettlr 1.8.7 allows attackers to perform remote code execution via a crafted file. network low complexity zettlr CWE-79	6.1
2021-05-27	CVE-2021-20727	Cross-site Scripting vulnerability in Zettlr Cross-site scripting vulnerability in Zettlr from 0.20.0 to 1.8.8 allows an attacker to execute an arbitrary script by loading a file or code snippet containing an invalid iframe into Zettlr. network low complexity zettlr CWE-79	6.1

Vulnerabilities > Zettlr {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zettlr"}]}