Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the MathJax component.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-08-12
Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the Mermaid component.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-08-12
An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the src component.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-04-16
Cross Site Scripting (XSS) vulnerability in typora through 1.38 allows remote attackers to run arbitrary code via export from editor.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-12-23