CVE-2025-60312

Medium CVSS: 6.1

Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting (XSS) in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button.

Vendor

Rems

Product

Markdown To Html Converter

CWE

CWE-79

Yayın Tarihi

2025-10-07 16:15:55

Güncelleme

2025-10-10 16:15:20

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Markdown To Html Converter MEDIUM Rems 2025

Referanslar

https://github.com/ChuckBartowski7/Vulnerability-Research/blob/main/CVE-2025-60312/README.md https://www.sourcecodester.com/php/18295/markdown-html-converter-using-php-and-javascript-source-code.html https://github.com/ChuckBartowski7/Vulnerability-Research/blob/main/CVE-2025-60312/README.md

Benzer Kayıtlar

Medium

CVE-2025-63640

Sourcecodester Medicine Reminder App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Medicine Name" and "Notes…

Medium

CVE-2025-63716

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks that allow unautho…

Medium

CVE-2025-60313

Sourcecodester Link Status Checker 1.0 is vulnerable to a Cross-Site Scripting (XSS) in the Enter URLs to check input fi…

Medium

CVE-2025-10410

A security vulnerability has been detected in SourceCodester Link Status Checker 1.0. This vulnerability affects unknown…

Medium

CVE-2025-10088

A vulnerability was detected in SourceCodester Time Tracker 1.0. The affected element is an unknown function of the file…

Medium

CVE-2025-6345

A vulnerability was found in SourceCodester My Food Recipe 1.0 and classified as problematic. Affected by this issue is…