Zettlr - Zettlr CVE

Filtered by vendor Zettlr Subscribe

Filtered by product Zettlr

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-26835	1 Zettlr	1 Zettlr	2021-06-21	4.3 MEDIUM	6.1 MEDIUM
No filtering of cross-site scripting (XSS) payloads in the markdown-editor in Zettlr 1.8.7 allows attackers to perform remote code execution via a crafted file.
CVE-2021-20727	1 Zettlr	1 Zettlr	2021-06-01	4.3 MEDIUM	6.1 MEDIUM
Cross-site scripting vulnerability in Zettlr from 0.20.0 to 1.8.8 allows an attacker to execute an arbitrary script by loading a file or code snippet containing an invalid iframe into Zettlr.

Vulnerabilities (CVE)