Posted by research on Feb 19

————————————————————–
docsify <= 4.11.6 DOM-based Cross-Site Scripting Vulnerability
————————————————————–

[-] Software Link:

https://docsify.js.org/

[-] Affected Versions:

Version 4.11.6 and prior versions.

[-] Vulnerability Description:

The vulnerability exists due to an incomplete fix for CVE-2020-7680.
When parsing HTML from remote URLs, the HTML code…
Read More – Full Disclosure


By |2021-02-20T02:20:18-05:00February 20th, 2021|