AVG-1946 log

Package hedgedoc
Status Fixed
Severity High
Type cross-site scripting
Affected 1.8.1-1
Fixed 1.8.2-1
Current 1.9.0-1 [community]
Ticket None
Created Tue May 11 19:58:18 2021
Issue Severity Remote Type Description
CVE-2021-29503 High Yes Cross-site scripting
HedgeDoc before version 1.8.2  is vulnerable to a cross-site scripting (XSS) attack using the YAML-metadata of a note. An attacker with write access to a...
Date Advisory Package Type
19 May 2021 ASA-202105-9 hedgedoc cross-site scripting