CVE-2024-36109

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-36109

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36109.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-36109

Related

GHSA-8w44-hggw-p5rf

Published

2024-05-28T19:15:10Z

Modified

2025-01-14T19:46:52Z

Summary

[none]

Details

CoCalc is web-based software that enables collaboration in research, teaching, and scientific publishing. In affected versions the markdown parser allows <script> tags to be included which execute when published. This issue has been addressed in commit 419862a9c9879c. Users are advised to upgrade. There are no known workarounds for this vulnerability.

References

Affected packages

Git / github.com/sagemathinc/cocalc

Affected ranges

Type: GIT
Repo: https://github.com/sagemathinc/cocalc
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

419862a9c9879c

Fixed

419862a9c9879c