Vulnerabilities > Zettlr > Zettlr > 1.8.7

DATE CVE VULNERABILITY TITLE RISK
2021-06-18 CVE-2021-26835 Cross-site Scripting vulnerability in Zettlr 1.8.7
No filtering of cross-site scripting (XSS) payloads in the markdown-editor in Zettlr 1.8.7 allows attackers to perform remote code execution via a crafted file.
network
zettlr CWE-79
4.3
4.3