CVE-2022-43668

Summary

Typora versions prior to 1.4.4 fails to properly neutralize JavaScript code, which may result in executing JavaScript code contained in the file when opening a file with the affected product.

Affected Software

VendorProductVersion RangeStatus
TyporaTyporaversions prior to 1.4.4affected

Weaknesses

  • Improper Encoding or Escaping of Output

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References