Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information. This attack can be exploited by crafting a three backtick wrapped payload with a character in front: L: "```<script>alert();</script>```". NOTE: This has been argued as a non-issue (see references) since it is not the parser's job to sanitize malicious code from a parsed document
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP Markdown 跨站脚本漏洞
Vulnerability Description
PHP Markdown是一款基于PHP的、可扩展的Markdown解析器。 PHP Markdown 1.2.0及之前版本中存在跨站脚本漏洞。远程攻击者可借助特制的MD格式的文件利用该漏洞窃取用户数据。
CVSS Information
N/A
Vulnerability Type
N/A