CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Hackmdio: Security Vulnerabilities

CVE-2025-46654

CodiMD through 2.2.0 has a CSP-based protection mechanism against XSS through uploaded JavaScript content, but it can be bypassed by uploading a .html file that references an uploaded .js file.

CVSS Score

4.9

EPSS Score

0.0

Published

2025-04-26

Page 1

Vulnerabilities

Vulnerable Software

Hackmdio: Security Vulnerabilities

Products

Pricing

Contact Us