MidnightBSD

Advisories for epiceditor_project

CVE-2017-6589 MEDIUM

EpicEditor through 0.2.3 has Cross-Site Scripting because of an insecure default marked.js configuration. An example attack vector is a crafted IMG element in an HTML document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
epiceditor_project epiceditor *