Security Advisory

CVE-2024-36109

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-28 18:40:55
Last updated 2024-08-02 03:30:13
Assigner GitHub_M
State PUBLISHED

Description

CoCalc is web-based software that enables collaboration in research, teaching, and scientific publishing. In affected versions the markdown parser allows `<script>` tags to be included which execute when published. This issue has been addressed in commit `419862a9c9879c`. Users are advised to upgrade. There are no known workarounds for this vulnerability.