CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10010

Cross-site scripting (XSS) vulnerability in the PHP League CommonMark library before 0.18.3 allows remote attackers to insert unsafe links into HTML by using double-encoded HTML entities that are not properly escaped during rendering, a different vulnerability than CVE-2018-20583.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.9%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2019-10010

Thephpleague » Commonmark » Version: 0.10.0

cpe:2.3:a:thephpleague:commonmark:0.10.0
Thephpleague » Commonmark » Version: 0.11.0

cpe:2.3:a:thephpleague:commonmark:0.11.0
Thephpleague » Commonmark » Version: 0.11.1

cpe:2.3:a:thephpleague:commonmark:0.11.1
Thephpleague » Commonmark » Version: 0.11.2

cpe:2.3:a:thephpleague:commonmark:0.11.2
Thephpleague » Commonmark » Version: 0.11.3

cpe:2.3:a:thephpleague:commonmark:0.11.3
Thephpleague » Commonmark » Version: 0.12.0

cpe:2.3:a:thephpleague:commonmark:0.12.0
Thephpleague » Commonmark » Version: 0.13.0

cpe:2.3:a:thephpleague:commonmark:0.13.0
Thephpleague » Commonmark » Version: 0.13.1

cpe:2.3:a:thephpleague:commonmark:0.13.1
Thephpleague » Commonmark » Version: 0.13.2

cpe:2.3:a:thephpleague:commonmark:0.13.2
Thephpleague » Commonmark » Version: 0.13.3

cpe:2.3:a:thephpleague:commonmark:0.13.3
Thephpleague » Commonmark » Version: 0.13.4

cpe:2.3:a:thephpleague:commonmark:0.13.4
Thephpleague » Commonmark » Version: 0.14.0

cpe:2.3:a:thephpleague:commonmark:0.14.0
Thephpleague » Commonmark » Version: 0.15.0

cpe:2.3:a:thephpleague:commonmark:0.15.0
Thephpleague » Commonmark » Version: 0.15.1

cpe:2.3:a:thephpleague:commonmark:0.15.1
Thephpleague » Commonmark » Version: 0.15.2

cpe:2.3:a:thephpleague:commonmark:0.15.2
Thephpleague » Commonmark » Version: 0.15.3

cpe:2.3:a:thephpleague:commonmark:0.15.3
Thephpleague » Commonmark » Version: 0.15.4

cpe:2.3:a:thephpleague:commonmark:0.15.4
Thephpleague » Commonmark » Version: 0.15.5

cpe:2.3:a:thephpleague:commonmark:0.15.5
Thephpleague » Commonmark » Version: 0.15.6

cpe:2.3:a:thephpleague:commonmark:0.15.6
Thephpleague » Commonmark » Version: 0.15.7

cpe:2.3:a:thephpleague:commonmark:0.15.7
Thephpleague » Commonmark » Version: 0.16.0

cpe:2.3:a:thephpleague:commonmark:0.16.0
Thephpleague » Commonmark » Version: 0.17.0

cpe:2.3:a:thephpleague:commonmark:0.17.0
Thephpleague » Commonmark » Version: 0.17.1

cpe:2.3:a:thephpleague:commonmark:0.17.1
Thephpleague » Commonmark » Version: 0.17.2

cpe:2.3:a:thephpleague:commonmark:0.17.2
Thephpleague » Commonmark » Version: 0.17.3

cpe:2.3:a:thephpleague:commonmark:0.17.3
Thephpleague » Commonmark » Version: 0.17.4

cpe:2.3:a:thephpleague:commonmark:0.17.4
Thephpleague » Commonmark » Version: 0.17.5

cpe:2.3:a:thephpleague:commonmark:0.17.5
Thephpleague » Commonmark » Version: 0.18.0

cpe:2.3:a:thephpleague:commonmark:0.18.0
Thephpleague » Commonmark » Version: 0.18.1

cpe:2.3:a:thephpleague:commonmark:0.18.1
Thephpleague » Commonmark » Version: 0.18.2

cpe:2.3:a:thephpleague:commonmark:0.18.2
Thephpleague » Commonmark » Version: 0.5.0

cpe:2.3:a:thephpleague:commonmark:0.5.0
Thephpleague » Commonmark » Version: 0.5.1

cpe:2.3:a:thephpleague:commonmark:0.5.1
Thephpleague » Commonmark » Version: 0.6.0

cpe:2.3:a:thephpleague:commonmark:0.6.0
Thephpleague » Commonmark » Version: 0.6.1

cpe:2.3:a:thephpleague:commonmark:0.6.1
Thephpleague » Commonmark » Version: 0.7.0

cpe:2.3:a:thephpleague:commonmark:0.7.0
Thephpleague » Commonmark » Version: 0.7.1

cpe:2.3:a:thephpleague:commonmark:0.7.1
Thephpleague » Commonmark » Version: 0.7.2

cpe:2.3:a:thephpleague:commonmark:0.7.2
Thephpleague » Commonmark » Version: 0.8.0

cpe:2.3:a:thephpleague:commonmark:0.8.0
Thephpleague » Commonmark » Version: 0.9.0

cpe:2.3:a:thephpleague:commonmark:0.9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10010

Products

Pricing

Contact Us