logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-25849

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-25849

Description:
The package joyqi/hyper-down from 0.0.0 are vulnerable to Cross-site Scripting (XSS) because the module of parse markdown does not filter the href attribute very well.
Last updated date:
11/03/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
11/03/2022
Reference url to background

https://security.snyk.io/vuln/SNYK-PHP-JOYQIHYPERDOWN-2953544

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy