Gitbook: Security Vulnerabilities
GitBook through 2.6.9 allows XSS via a local .md file.
CVSS Score
5.4
EPSS Score
0.003
Published
2019-12-05
GitBook is a command line tool (and Node.js library) for building beautiful books using GitHub/Git and Markdown (or AsciiDoc). Stored Cross-Site-Scripting (XSS) is possible in GitBook before 3.2.2 by including code outside of backticks in any ebook. This code will be executed on the online reader.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-06-04