CVE-2021-20727

Summary

Cross-site scripting vulnerability in Zettlr from 0.20.0 to 1.8.8 allows an attacker to execute an arbitrary script by loading a file or code snippet containing an invalid iframe into Zettlr.

Affected Software

VendorProductVersion RangeStatus
Hendrik ErzZettlrfrom 0.20.0 to 1.8.8affected

Weaknesses

  • Cross-site scripting

ADP Enrichment

CVE Program Container

Additional References

References