Skip to content

Prevent Cross-site Scripting when editing makdown file

High
Linbreux published GHSA-9m4m-6gqx-gfj3 Sep 4, 2022

Package

wiki.py (wikmd)

Affected versions

< 1.7.0

Patched versions

>= 1.7.1

Description

Impact

An attacker could capture user's session cookies or execute malicious Javascript

Severity

High

CVE ID

CVE-2022-36080

Weaknesses

Credits