CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Loomio: >> Loomio >> 1.6.0 Security Vulnerabilities

CVE-2017-11594

Cross-site scripting (XSS) vulnerability in the Markdown parser in Loomio before 1.8.0 allows remote attackers to inject arbitrary web script or HTML via non-sanitized Markdown content in a new thread or a thread comment.

CVSS Score

5.4

EPSS Score

0.002

Published

2017-07-24

Page 1

Vulnerabilities

Vulnerable Software

Loomio: >> Loomio >> 1.6.0 Security Vulnerabilities

Products

Pricing

Contact Us