Vulnerabilities (CVE)

Filtered by vendor Wikmd Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36081 1 Wikmd Project 1 Wikmd 2024-11-21 N/A 7.5 HIGH
Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing `/list/<path:folderpath>` and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue.
CVE-2022-36080 1 Wikmd Project 1 Wikmd 2024-11-21 N/A 6.1 MEDIUM
Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, an attacker could capture user's session cookies or execute malicious Javascript when a victim edits a markdown file. Version 1.7.1 fixes this issue.