CVE-2017-16006

Summary

Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of data: URIs in links and can therefore execute javascript.

Affected Software

VendorProductVersion RangeStatus
HackerOneremarkable node module<=1.6.2affected

Weaknesses

  • CWE-79: Cross-site Scripting (XSS) - Generic (CWE-79)

ADP Enrichment

CVE Program Container

Additional References

References