Security Advisory

CVE-2014-10065

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-05-31 20:00:00

Last updated 2024-09-16 22:25:48

Assigner hackerone

State PUBLISHED

Description

Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing for javascript: urls to be injected into the rendered content.

← Browse all CVEs View on cve.org ↗