Back to search
CVE-2018-5773
Published: Jan 18, 2018
Modified: Sep 16, 2024
PUBLISHED
Description
An issue was discovered in markdown2 (aka python-markdown2) through 2.3.5. The safe_mode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '>' character from an IMG tag.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/trentm/python-markdown2/issues/285
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now