CVE-2024-0647

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-0647
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-0647.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-0647
Published
2024-01-17T19:15:08Z
Modified
2024-09-03T04:37:45.021058Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

A vulnerability, which was classified as problematic, was found in Sparksuite SimpleMDE up to 1.11.2. This affects an unknown part of the component iFrame Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251373 was assigned to this vulnerability.

References

Affected packages

Git / github.com/sparksuite/simplemde-markdown-editor

Affected ranges

Type
GIT
Repo
https://github.com/sparksuite/simplemde-markdown-editor
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

1.*

1.0.0
1.1.0
1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.10.0
1.10.1
1.11.0
1.11.1
1.11.2
1.2.0
1.2.1
1.3.0
1.3.1
1.4.0
1.5.0
1.5.1
1.6.0
1.6.1
1.7.0
1.7.1
1.7.2
1.7.3
1.7.4
1.8.0
1.8.1
1.9.0