CVE-2019-15499

CodiMD 1.3.1, when Safari is used, allows XSS via an IFRAME element with allow-top-navigation in the sandbox attribute, in conjunction with a data: URL.
References
Link Resource
https://github.com/hackmdio/codimd/issues/1263 Exploit Third Party Advisory
Configurations

Configuration 1


Information

Published : 2019-08-23 04:15

Updated : 2019-10-09 12:51


NVD link : CVE-2019-15499

Mitre link : CVE-2019-15499

Products Affected
CWE