Security Advisory

CVE-2021-43721

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-28 13:37:04

Last updated 2024-08-04 04:03:08

Assigner mitre

State PUBLISHED

Description

Leanote 2.7.0 is vulnerable to Cross Site Scripting (XSS) in the markdown type note. This leads to remote code execution with payload : <video src=x onerror=(function(){require(child_process).exec(calc);})();>

← Browse all CVEs View on cve.org ↗