Typora Markdown Editor Vulnerable to XSS Attacks
CVE-2024-33300
Currently unrated
What is CVE-2024-33300?
Typora Markdown Editor is susceptible to a cross-site scripting (XSS) vulnerability that affects versions ranging from 1.0.0 to 1.7. This flaw enables attackers to execute arbitrary code by uploading specially crafted Markdown files. When users open these files within the editor, the malicious script runs, potentially compromising the user's system and data integrity. Users of Typora should remain vigilant and consider updating to the latest version to mitigate risks associated with this vulnerability.