modules: | |
- module: github.com/documize/community | |
versions: | |
- fixed: 1.76.3-0.20191119114751-a4384210d4d0 | |
vulnerable_at: 1.76.3-0.20191115182156-68824912016c | |
packages: | |
- package: github.com/documize/community/domain/section/markdown | |
symbols: | |
- Provider.Render | |
description: | | |
HTML content in markdown is not santized during rendering, possibly allowing | |
XSS if used to render untrusted user input. | |
published: 2021-04-14T20:04:52Z | |
cves: | |
- CVE-2019-19619 | |
ghsas: | |
- GHSA-wmwp-pggc-h4mj | |
references: | |
- fix: https://github.com/documize/community/commit/a4384210d4d0d6b18e6fdb7e155de96d4a1cf9f3 |