Hackerone Remarkable Node Module vulnerabilities
2 known vulnerabilities affecting hackerone/remarkable_node_module.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2017-16006MEDIUMCVSS 6.1v<=1.6.22018-06-04
CVE-2017-16006 [MEDIUM] CWE-79 CVE-2017-16006: Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of `data:` U
Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of `data:` URIs in links and can therefore execute javascript.
nvd
CVE-2014-10065MEDIUMCVSS 6.1v<1.4.12018-05-31
CVE-2014-10065 [MEDIUM] CWE-94 CVE-2014-10065: Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disal
Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing for javascript: url's to be injected into the rendered content.
nvd