AVG-1946 log
| Package | hedgedoc |
| Status | Fixed |
| Severity | High |
| Type | cross-site scripting |
| Affected | 1.8.1-1 |
| Fixed | 1.8.2-1 |
| Current | 1.9.9-2 [extra] |
| Ticket | None |
| Created | Tue May 11 19:58:18 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-29503 | High | Yes | Cross-site scripting | HedgeDoc before version 1.8.2 is vulnerable to a cross-site scripting (XSS) attack using the YAML-metadata of a note. An attacker with write access to a... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 19 May 2021 | ASA-202105-9 | hedgedoc | cross-site scripting |