Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML (even if allow_unsafe_links is false) via a newline character (e.g., writing javascript as javascri%0apt).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP League CommonMark library 跨站脚本漏洞
Vulnerability Description
PHP League CommonMark library是一个基于PHP的Markdown解析器。 PHP League CommonMark library 0.15.6版本至0.18.1之前版本中存在跨站脚本漏洞。远程攻击者可借助换行符利用该漏洞将不安全的URL注入到HTML中。
CVSS Information
N/A
Vulnerability Type
N/A