CVE-2021-47842

HIGH SEVERITY

CVSS Score & Metrics

Base Score

7.2 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N                                    

Vulnerability Description

StudyMD 0.3.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. Attackers can upload crafted markdown files with embedded JavaScript payloads that execute when the file is opened, potentially enabling remote code execution.

Vulnerability Details

Published Date

January 16, 2026

Last Modified

January 16, 2026

CWE ID

CWE-79

Source

NVD

Vendor

jotron

Product

StudyMD

External References

https://github.com/jotron/StudyMD
https://imgur.com/a/lDHKEIp
https://www.exploit-db.com/exploits/49832
https://www.vulncheck.com/advisories/studymd-persistent-cross-site-scripting
https://www.vulncheck.com/advisories/studymd-persistent-cross-site-scripting

CVE-2021-47842

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment