Primary

Context

Markright Persistent Cross-Site Scripting Vulnerability

Vulnerability

A persistent cross-site scripting vulnerability has been identified in Markright version 1.0. This vulnerability allows attackers to inject malicious JavaScript into markdown files, which is executed when the file is opened. This could potentially lead to remote code execution on the victim's system.

Impact

Exploitation of this vulnerability allows for persistent cross-site scripting, with the injected payload executed automatically when the markdown file is opened. According to the vulnerability disclosure, this could enable remote code execution on the victim's system.

Reproduction

To reproduce this vulnerability, upload a markdown file containing a JavaScript payload into the Markright application. Once the file is opened, the embedded script will execute, demonstrating the cross-site scripting vulnerability. The Exploit Database entry for this vulnerability includes a proof-of-concept video showing the exploitation process.

Added: Jan 16, 2026, 8:33 PM

Updated: Jan 16, 2026, 10:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.8

remediation

0.0

relevance

2.1

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.8

remediation

0.0

relevance

2.1

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Markright Persistent Cross-Site Scripting Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating