Vulnerability DatabaseWS-2019-0026
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2019-0026
Published:May 14, 2026
Updated:May 14, 2026
Versions 0.3.7 and earlier of marked suuport unescaping of only lowercase, which may lead to XSS.
Affected Packages
marked (CDN_JS):
Affected version(s) >=0.0.1 <0.3.9
Fix Suggestion:
Update to version 0.3.9
anvio-minimal (CONDA):
Affected version(s) >=5.2.0 <=7.1
Fix Suggestion:
Update to version no_fix
tensorflow (CONDA):
Affected version(s) =0.7.1 <0.8.0
Fix Suggestion:
Update to version 0.8.0
anvio (CONDA):
Affected version(s) >=2.3.2 <5.2.0
Fix Suggestion:
Update to version 5.2.0
ipython (CONDA):
Affected version(s) >=1.0.0 <4.0.0
Fix Suggestion:
Update to version 4.0.0
notebook (CONDA):
Affected version(s) >=4.0.1 <5.3.1
Fix Suggestion:
Update to version 5.3.1
notebook (CONDA):
Affected version(s) =5.5.0 <5.6.0
Fix Suggestion:
Update to version 5.6.0
marked (NPM):
Affected version(s) >=0.0.1 <0.3.9
Fix Suggestion:
Update to version 0.3.9
angular-markdown-editor (NUGET):
Affected version(s) >=1.0.0 <=1.1.3
Fix Suggestion:
Update to version no_fix
availablelight (NUGET):
Affected version(s) =1.0.7 <1.0.8
Fix Suggestion:
Update to version 1.0.8
gnap.themes.web.gnap.angular (NUGET):
Affected version(s) >=0.22.0 <=1.1.0
Fix Suggestion:
Update to version no_fix
zchat (NUGET):
Affected version(s) >=1.0.0 <=1.0.1
Fix Suggestion:
Update to version no_fix
raml.parser (NUGET):
Affected version(s) >=1.0.0 <1.0.7
Fix Suggestion:
Update to version 1.0.7
midiator.webclient (NUGET):
Affected version(s) >=1.0.98 <1.0.105
Fix Suggestion:
Update to version 1.0.105
polymer-iron-elements (NUGET):
Affected version(s) =1.0.0
Fix Suggestion:
Update to version no_fix
z4a-dotnet-scaffold (NUGET):
Affected version(s) >=1.0.0.1 <1.0.0.3
Fix Suggestion:
Update to version 1.0.0.3
jsdoc (NUGET):
Affected version(s) >=3.4.0 <=4.3.0
Fix Suggestion:
Update to version no_fix
autorest (NUGET):
Affected version(s) >=1.0.1 <=1.2.1
Fix Suggestion:
Update to version no_fix
polymer-core-elements (NUGET):
Affected version(s) >=0.4.2 <=0.5.5
Fix Suggestion:
Update to version no_fix
neos/neos (PHP):
Affected version(s) =4.1.x-dev <4.1.1
Fix Suggestion:
Update to version 4.1.1
lindelin/lindale (PHP):
Affected version(s) >=v1.4.10 <v1.4.14
Fix Suggestion:
Update to version v1.4.14
20steps/bricks-demo-angularjs (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) =dev-task/render-api-docs <dev-task/replace-workspace-and-contentstreamfinder
Fix Suggestion:
Update to version dev-task/replace-workspace-and-contentstreamfinder
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-RvdWxp <dev-analysis-YOjolj
Fix Suggestion:
Update to version dev-analysis-YOjolj
typo3/neos (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/yargs-parser-5.0.1 <5.0.2
Fix Suggestion:
Update to version 5.0.2
bolt/bolt (PHP):
Affected version(s) =v3.2.13 <v3.2.14
Fix Suggestion:
Update to version v3.2.14
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) >=1.0.8.x-dev <1.1.x-dev
Fix Suggestion:
Update to version 1.1.x-dev
typo3/neos (PHP):
Affected version(s) >=5.3.8 <dev-dependabot/npm_and_yarn/node-sass-7.0.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/node-sass-7.0.0
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-5ZQZ3l <dev-analysis-5ZmxZv
Fix Suggestion:
Update to version dev-analysis-5ZmxZv
neos/neos-development-collection (PHP):
Affected version(s) >=dev-feature/show-asset-collection <dev-feature/simplify-command-handling
Fix Suggestion:
Update to version dev-feature/simplify-command-handling
neos/neos-development-collection (PHP):
Affected version(s) =dev-mficzel-patch-1 <dev-task/eventstore-1.0
Fix Suggestion:
Update to version dev-task/eventstore-1.0
lindelin/lindale (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/path-parse-1.0.7 <v1.1.0
Fix Suggestion:
Update to version v1.1.0
typo3/neos (PHP):
Affected version(s) >=4.2.15 <4.3.3
Fix Suggestion:
Update to version 4.3.3
lindelin/lindale (PHP):
Affected version(s) =v1.6.6 <v1.6.7
Fix Suggestion:
Update to version v1.6.7
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) =v0.0.17 <0.0.18
Fix Suggestion:
Update to version 0.0.18
lindelin/lindale (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/jquery-3.5.0 <4.0.0.x-dev
Fix Suggestion:
Update to version 4.0.0.x-dev
bolt/bolt (PHP):
Affected version(s) =v3.2.7 <v3.2.8
Fix Suggestion:
Update to version v3.2.8
typo3/neos (PHP):
Affected version(s) =3.3.24 <3.3.25
Fix Suggestion:
Update to version 3.3.25
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-ZnrJvD <dev-analysis-ajWyxm
Fix Suggestion:
Update to version dev-analysis-ajWyxm
uikit/uikit (PHP):
Affected version(s) =2.0.0 <dev-dependabot/npm_and_yarn/dev-dependencies-32e16465c2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/dev-dependencies-32e16465c2
typo3/neos (PHP):
Affected version(s) >=7.0.7 <7.1.0
Fix Suggestion:
Update to version 7.1.0
anomaly/markdown-field-type (PHP):
Affected version(s) =2.1.x-dev <v2.1.0
Fix Suggestion:
Update to version v2.1.0
neos/neos (PHP):
Affected version(s) >=4.1.5 <4.1.8
Fix Suggestion:
Update to version 4.1.8
arthurgroup/websitebuilder (PHP):
Affected version(s) =1.1.10.x-dev <1.1.11.x-dev
Fix Suggestion:
Update to version 1.1.11.x-dev
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) >=0.0.11 <0.0.17
Fix Suggestion:
Update to version 0.0.17
neos/neos (PHP):
Affected version(s) =3.3.14 <3.3.15
Fix Suggestion:
Update to version 3.3.15
neos/neos-development-collection (PHP):
Affected version(s) >=3.3.15 <dev-analysis-N4xo2r
Fix Suggestion:
Update to version dev-analysis-N4xo2r
typo3/neos (PHP):
Affected version(s) =3.3.x-dev <3.3.1
Fix Suggestion:
Update to version 3.3.1
neos/neos-development-collection (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/Neos.Neos/ini-1.3.7 <dev-dependabot/npm_and_yarn/Neos.Neos/json5-1.0.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Neos.Neos/json5-1.0.2
lindelin/lindale (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/dns-packet-1.3.4 <v1.4.3
Fix Suggestion:
Update to version v1.4.3
neos/neos-development-collection (PHP):
Affected version(s) >=3.2.10 <3.3.7
Fix Suggestion:
Update to version 3.3.7
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-BMLM39 <dev-bugfix/relase_notes_52
Fix Suggestion:
Update to version dev-bugfix/relase_notes_52
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-tests <dev-tg
Fix Suggestion:
Update to version dev-tg
neos/neos (PHP):
Affected version(s) =3.3.10 <3.3.11
Fix Suggestion:
Update to version 3.3.11
siezi/phile-admin-markdown-editor (PHP):
Affected version(s) >=dev-master <=2.0.0
Fix Suggestion:
Update to version no_fix
microweber/microweber (PHP):
Affected version(s) =1.x-dev <1.0.x-dev
Fix Suggestion:
Update to version 1.0.x-dev
lindelin/lindale (PHP):
Affected version(s) >=v1.4.5 <v1.4.7
Fix Suggestion:
Update to version v1.4.7
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-YO0xb0 <dev-analysis-ZlKnb0
Fix Suggestion:
Update to version dev-analysis-ZlKnb0
neos/neos (PHP):
Affected version(s) =4.0.9 <4.0.10
Fix Suggestion:
Update to version 4.0.10
neos/neos-development-collection (PHP):
Affected version(s) =dev-wp_overview <dev-zeroDimensionalUriPaths
Fix Suggestion:
Update to version dev-zeroDimensionalUriPaths
typo3/neos (PHP):
Affected version(s) =4.3.4 <4.3.5
Fix Suggestion:
Update to version 4.3.5
neos/neos (PHP):
Affected version(s) >=4.1.17 <4.2.1
Fix Suggestion:
Update to version 4.2.1
typo3/neos (PHP):
Affected version(s) =3.2.x-dev <dev-dependabot/npm_and_yarn/nanoid-3.2.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/nanoid-3.2.0
neos/neos-development-collection (PHP):
Affected version(s) >=dev-applied-migrations <dev-bugfix-disconnected-nodes-on-move
Fix Suggestion:
Update to version dev-bugfix-disconnected-nodes-on-move
neos/neos (PHP):
Affected version(s) >=5.3.8 <dev-dependabot/npm_and_yarn/node-sass-7.0.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/node-sass-7.0.0
dsheiko/extras (PHP):
Affected version(s) >=dev-master <=v1.0.3
Fix Suggestion:
Update to version no_fix
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) =dev-contact_form_fix_sr-1 <1.0.2.x-dev
Fix Suggestion:
Update to version 1.0.2.x-dev
neos/neos (PHP):
Affected version(s) =3.1.4 <3.1.5
Fix Suggestion:
Update to version 3.1.5
neos/neos-development-collection (PHP):
Affected version(s) =dev-task/remove-old-code-migrations <dev-task/remove-performance-measure-commmands
Fix Suggestion:
Update to version dev-task/remove-performance-measure-commmands
neos/neos-development-collection (PHP):
Affected version(s) =dev-bugfix/release_notes_52 <dev-analysis-a64drk
Fix Suggestion:
Update to version dev-analysis-a64drk
arwp/main-master (PHP):
Affected version(s) >=dev-main <=v1.1.7
Fix Suggestion:
Update to version no_fix
speixoto/yii2-polymer (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
typo3/neos (PHP):
Affected version(s) >=dev-docs-neos-ui <historic-1.0.0-alpha1
Fix Suggestion:
Update to version historic-1.0.0-alpha1
lindelin/lindale (PHP):
Affected version(s) >=v1.4.15 <v1.5.5
Fix Suggestion:
Update to version v1.5.5
typo3/neos (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/y18n-3.2.2
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/Neos.Neos/elliptic-6.5.4 <dev-dependabot/npm_and_yarn/Neos.Neos/hosted-git-info-2.8.9
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Neos.Neos/hosted-git-info-2.8.9
neos/neos-development-collection (PHP):
Affected version(s) =4.2.x-dev <4.2.1
Fix Suggestion:
Update to version 4.2.1
typo3/neos (PHP):
Affected version(s) =4.2.x-dev <4.2.1
Fix Suggestion:
Update to version 4.2.1
gfsdeliver/checkout (PHP):
Affected version(s) =2.0.0 <v2.0.4
Fix Suggestion:
Update to version v2.0.4
neos/neos-development-collection (PHP):
Affected version(s) >=3.0.18 <3.1.1
Fix Suggestion:
Update to version 3.1.1
oburatongoi/productivity (PHP):
Affected version(s) >=0.0.9 <0.0.13
Fix Suggestion:
Update to version 0.0.13
neos/neos-development-collection (PHP):
Affected version(s) =dev-dfeyer-patch-2 <dev-feature/allow-eventstore-doctrineadabter-v2
Fix Suggestion:
Update to version dev-feature/allow-eventstore-doctrineadabter-v2
typo3/neos (PHP):
Affected version(s) >=4.0.12 <4.0.17
Fix Suggestion:
Update to version 4.0.17
typo3/neos (PHP):
Affected version(s) >=4.0.20 <4.1.1
Fix Suggestion:
Update to version 4.1.1
typo3/neos (PHP):
Affected version(s) >=4.1.19 <4.2.0
Fix Suggestion:
Update to version 4.2.0
neos/neos (PHP):
Affected version(s) =dev-docs-neos-ui <dev-feature/NodeUriPathSegmentGeneratorForDimension
Fix Suggestion:
Update to version dev-feature/NodeUriPathSegmentGeneratorForDimension
reliv/rcm-plugins (PHP):
Affected version(s) =dev-revert-480-master
Fix Suggestion:
Update to version no_fix
orchestra/story (PHP):
Affected version(s) >=v3.1.1 <3.3.x-dev
Fix Suggestion:
Update to version 3.3.x-dev
neos/neos-development-collection (PHP):
Affected version(s) >=dev-bugfix/neos-media-without-neos <dev-bugfix/node-service-template
Fix Suggestion:
Update to version dev-bugfix/node-service-template
neos/neos (PHP):
Affected version(s) =3.2.x-dev <dev-dependabot/npm_and_yarn/nanoid-3.2.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/nanoid-3.2.0
neos/neos-development-collection (PHP):
Affected version(s) =dev-dependabot/bundler/Neos.Media.Browser/ffi-1.13.1 <dev-dependabot/bundler/Neos.Media.Browser/ffi-1.15.0
Fix Suggestion:
Update to version dev-dependabot/bundler/Neos.Media.Browser/ffi-1.15.0
neos/neos (PHP):
Affected version(s) >=3.0.0 <3.0.3
Fix Suggestion:
Update to version 3.0.3
jason-munro/cypht (PHP):
Affected version(s) >=dev-bp-get-client-issue <v1.0.0-rc1
Fix Suggestion:
Update to version v1.0.0-rc1
bolt/bolt (PHP):
Affected version(s) =v3.2.0 <v3.2.1
Fix Suggestion:
Update to version v3.2.1
lindelin/lindale (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/axios-0.21.1 <v1.0.0
Fix Suggestion:
Update to version v1.0.0
adrexia/flowchart (PHP):
Affected version(s) >=dev-false-fix-new-states <=1.0.x-dev
Fix Suggestion:
Update to version no_fix
neos/neos (PHP):
Affected version(s) >=4.2.2 <4.3.10
Fix Suggestion:
Update to version 4.3.10
lindelin/lindale (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/bootstrap-select-1.13.6 <v2.0.1
Fix Suggestion:
Update to version v2.0.1
neos/neos (PHP):
Affected version(s) =4.0.4 <4.0.5
Fix Suggestion:
Update to version 4.0.5
microweber/microweber (PHP):
Affected version(s) >=1.0.8.x-dev <1.1.x-dev
Fix Suggestion:
Update to version 1.1.x-dev
neos/neos-development-collection (PHP):
Affected version(s) >=3.2.7 <3.2.9
Fix Suggestion:
Update to version 3.2.9
neos/neos (PHP):
Affected version(s) >=3.1.6 <3.1.9
Fix Suggestion:
Update to version 3.1.9
typo3/neos (PHP):
Affected version(s) >=5.0.0 <5.0.1
Fix Suggestion:
Update to version 5.0.1
neos/neos (PHP):
Affected version(s) >=5.0.8 <5.3.4
Fix Suggestion:
Update to version 5.3.4
neos/neos (PHP):
Affected version(s) >=4.0.12 <4.1.0
Fix Suggestion:
Update to version 4.1.0
websix/xlsx-compiler (PHP):
Affected version(s) >=1.1.0 <=1.1.3
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=3.0.10 <3.0.17
Fix Suggestion:
Update to version 3.0.17
neos/neos (PHP):
Affected version(s) >=3.3.18 <4.0.3
Fix Suggestion:
Update to version 4.0.3
lindelin/lindale (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/url-parse-1.5.7 <v1.5.7
Fix Suggestion:
Update to version v1.5.7
neos/neos-development-collection (PHP):
Affected version(s) =dev-php8 <8.0.1
Fix Suggestion:
Update to version 8.0.1
runcmf/runbb-ext-markitup (PHP):
Affected version(s) >=dev-master <=0.1.0
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) =dev-bwaidelich-patch-1 <dev-dfeyer-patch-1
Fix Suggestion:
Update to version dev-dfeyer-patch-1
websix/xlsx-compiler (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-9mOoBn <dev-analysis-9mreo6
Fix Suggestion:
Update to version dev-analysis-9mreo6
neos/neos (PHP):
Affected version(s) >=7.0.1 <7.0.4
Fix Suggestion:
Update to version 7.0.4
typo3/neos (PHP):
Affected version(s) =4.1.2 <4.1.3
Fix Suggestion:
Update to version 4.1.3
typo3/neos (PHP):
Affected version(s) >=dev-snyk-fix-6aecf4d1b66f9382c324a3900631c3a3 <1.0.1
Fix Suggestion:
Update to version 1.0.1
typo3/neos (PHP):
Affected version(s) >=7.0.1 <7.0.3
Fix Suggestion:
Update to version 7.0.3
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-nNyQ4g <dev-analysis-vZQ04N
Fix Suggestion:
Update to version dev-analysis-vZQ04N
alirezab/admin-panel (PHP):
Affected version(s) >=1.0 <1.1
Fix Suggestion:
Update to version 1.1
typo3/neos (PHP):
Affected version(s) >=5.0.3 <5.3.4
Fix Suggestion:
Update to version 5.3.4
sitegeist/nomenclator (PHP):
Affected version(s) =dev-feature/frontendAndStyle <dev-master
Fix Suggestion:
Update to version dev-master
lindelin/lindale (PHP):
Affected version(s) =v1.3.0 <v1.3.1
Fix Suggestion:
Update to version v1.3.1
neos/neos-development-collection (PHP):
Affected version(s) >=5.0.1 <dev-analysis-KoJJA6
Fix Suggestion:
Update to version dev-analysis-KoJJA6
schumacherfm/markdown (PHP):
Affected version(s) >=v2.1.0-rc.3 <v2.2.0
Fix Suggestion:
Update to version v2.2.0
dvlpp/sharp (PHP):
Affected version(s) >=1.0.0 <v1.3.28
Fix Suggestion:
Update to version v1.3.28
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-contact_from_email_providers <dev-custom_field_button
Fix Suggestion:
Update to version dev-custom_field_button
neos/neos (PHP):
Affected version(s) =3.3.16 <3.3.17
Fix Suggestion:
Update to version 3.3.17
neos/neos-development-collection (PHP):
Affected version(s) >=7.0.1 <7.1.0
Fix Suggestion:
Update to version 7.1.0
laminas-api-tools/api-tools-documentation-swagger (PHP):
Affected version(s) =1.5.x-dev <1.6.0
Fix Suggestion:
Update to version 1.6.0
neos/neos-development-collection (PHP):
Affected version(s) =dev-task/changelog <dev-task/cleanup-doctrinedbaladapter
Fix Suggestion:
Update to version dev-task/cleanup-doctrinedbaladapter
themewizz/twz-plugin-manager-client-library (PHP):
Affected version(s) >=dev-main <5.0.3
Fix Suggestion:
Update to version 5.0.3
neos/neos (PHP):
Affected version(s) >=3.3.6 <3.3.8
Fix Suggestion:
Update to version 3.3.8
ijackua/yii2-lepture-markdown-editor-widget (PHP):
Affected version(s) >=dev-master <=1.0.0
Fix Suggestion:
Update to version no_fix
typo3/neos (PHP):
Affected version(s) >=5.3.5 <5.3.7
Fix Suggestion:
Update to version 5.3.7
kratos/kratos (PHP):
Affected version(s) =dev-master <0
Fix Suggestion:
Update to version 0
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-b0jyMw <dev-analysis-0gN1mE
Fix Suggestion:
Update to version dev-analysis-0gN1mE
laminas-api-tools/api-tools-documentation-swagger (PHP):
Affected version(s) =1.7.0 <1.7.x-dev
Fix Suggestion:
Update to version 1.7.x-dev
typo3/neos (PHP):
Affected version(s) >=3.3.18 <3.3.23
Fix Suggestion:
Update to version 3.3.23
kratos/kratos (PHP):
Affected version(s) =0.0.1 <0.0.1a
Fix Suggestion:
Update to version 0.0.1a
microweber/microweber (PHP):
Affected version(s) >=dev-Radanovn-patch-1 <1.0.2.x-dev
Fix Suggestion:
Update to version 1.0.2.x-dev
typo3/neos (PHP):
Affected version(s) =4.0.18 <4.0.19
Fix Suggestion:
Update to version 4.0.19
neos/neos-development-collection (PHP):
Affected version(s) =3.3.8 <3.3.9
Fix Suggestion:
Update to version 3.3.9
orchestra/story (PHP):
Affected version(s) =3.1.x-dev <v3.1.0
Fix Suggestion:
Update to version v3.1.0
typo3/neos (PHP):
Affected version(s) =4.2.13 <4.2.14
Fix Suggestion:
Update to version 4.2.14
neos/neos-development-collection (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/Neos.Neos/node-sass-4.13.1 <dev-dependabot/npm_and_yarn/Neos.Neos/node-sass-7.0.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Neos.Neos/node-sass-7.0.0
neos/neos (PHP):
Affected version(s) >=3.0.7 <3.0.9
Fix Suggestion:
Update to version 3.0.9
neos/neos (PHP):
Affected version(s) =3.0.13 <3.0.14
Fix Suggestion:
Update to version 3.0.14
microweber/microweber (PHP):
Affected version(s) >=dev-account-manager <oop-preview
Fix Suggestion:
Update to version oop-preview
neos/neos-development-collection (PHP):
Affected version(s) =dev-task/set-shortcut-default-to-parent <dev-task/speed-up-ci-run
Fix Suggestion:
Update to version dev-task/speed-up-ci-run
neos/neos-development-collection (PHP):
Affected version(s) >=dev-analysis-M1j5K2 <dev-analysis-Vr1BA6
Fix Suggestion:
Update to version dev-analysis-Vr1BA6
neos/neos-development-collection (PHP):
Affected version(s) >=dev-albe-fix-neos-users <dev-analysis-BMOoOg
Fix Suggestion:
Update to version dev-analysis-BMOoOg
neos/neos (PHP):
Affected version(s) =4.0.6 <4.0.7
Fix Suggestion:
Update to version 4.0.7
neos/neos-development-collection (PHP):
Affected version(s) >=4.2.2 <dev-analysis-KoxA5A
Fix Suggestion:
Update to version dev-analysis-KoxA5A
lindelin/lindale (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/eventsource-1.1.1 <v1.1.5
Fix Suggestion:
Update to version v1.1.5
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-o72VmP <dev-feature/wallpaper-73
Fix Suggestion:
Update to version dev-feature/wallpaper-73
neos/neos-development-collection (PHP):
Affected version(s) >=4.0.1 <4.0.11
Fix Suggestion:
Update to version 4.0.11
anomaly/markdown-field_type (PHP):
Affected version(s) =2.1.x-dev <v2.1.0
Fix Suggestion:
Update to version v2.1.0
schumacherfm/markdown (PHP):
Affected version(s) >=v2.0.0 <v2.1.0-rc.1
Fix Suggestion:
Update to version v2.1.0-rc.1
neos/neos-development-collection (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/Neos.Neos/y18n-3.2.2 <dev-docs/range-editor
Fix Suggestion:
Update to version dev-docs/range-editor
neos/neos-development-collection (PHP):
Affected version(s) =dev-bugfix/sort_operation_return_type <dev-bugfix/stabilize-assetUsageProjection
Fix Suggestion:
Update to version dev-bugfix/stabilize-assetUsageProjection
typo3/neos (PHP):
Affected version(s) =4.0.x-dev <4.0.2
Fix Suggestion:
Update to version 4.0.2
typo3/neos (PHP):
Affected version(s) =3.0.9 <3.0.10
Fix Suggestion:
Update to version 3.0.10
neos/neos (PHP):
Affected version(s) >=dev-snyk-fix-6aecf4d1b66f9382c324a3900631c3a3 <1.0.1
Fix Suggestion:
Update to version 1.0.1
neos/neos-development-collection (PHP):
Affected version(s) =dev-cascade-childevents <dev-catchRootNodeAdjustments
Fix Suggestion:
Update to version dev-catchRootNodeAdjustments
typo3/neos (PHP):
Affected version(s) >=3.3.26 <4.0.0
Fix Suggestion:
Update to version 4.0.0
neos/neos-development-collection (PHP):
Affected version(s) =dev-remove-typo3-replace <dev-task/replace-Typo3Neos
Fix Suggestion:
Update to version dev-task/replace-Typo3Neos
neos/neos-development-collection (PHP):
Affected version(s) =3.0.x-dev <dev-analysis-BMJ3og
Fix Suggestion:
Update to version dev-analysis-BMJ3og
kayrules/solatjakim-api-site (PHP):
Affected version(s) =dev-master <dev-version-1.0
Fix Suggestion:
Update to version dev-version-1.0
soldotno/vanilla-enterprise-module (PHP):
Affected version(s) =dev-master <1.0
Fix Suggestion:
Update to version 1.0
neos/neos-development-collection (PHP):
Affected version(s) =dev-event-sourced <dev-feature/90/editPreviewModeSupport
Fix Suggestion:
Update to version dev-feature/90/editPreviewModeSupport
etdsolutions/marked (PHP):
Affected version(s) >=dev-master <=0.3.5
Fix Suggestion:
Update to version no_fix
kratos/kratos (PHP):
Affected version(s) =0.0.1b
Fix Suggestion:
Update to version no_fix
typo3/neos (PHP):
Affected version(s) =3.0.x-dev <3.0.1
Fix Suggestion:
Update to version 3.0.1
neos/neos (PHP):
Affected version(s) >=4.1.10 <4.1.16
Fix Suggestion:
Update to version 4.1.16
filsh/footable (PHP):
Affected version(s) =dev-bs3
Fix Suggestion:
Update to version no_fix
arthurgroup/websitebuilder (PHP):
Affected version(s) =1.1.7.x-dev <1.1.8.x-dev
Fix Suggestion:
Update to version 1.1.8.x-dev
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-media_library_unsplash_update <dev-newsletter_module
Fix Suggestion:
Update to version dev-newsletter_module
laminas-api-tools/api-tools-documentation-swagger (PHP):
Affected version(s) =1.8.x-dev
Fix Suggestion:
Update to version no_fix
anomaly/markdown-field-type (PHP):
Affected version(s) =2.2.x-dev <v2.2.0
Fix Suggestion:
Update to version v2.2.0
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-unsplash_integration <dev-update_custom_fields_design
Fix Suggestion:
Update to version dev-update_custom_fields_design
friendsofvictoire/markdown-widget (PHP):
Affected version(s) >=dev-master <=2.1.0
Fix Suggestion:
Update to version no_fix
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-admin_mobile <dev-admin_redesign
Fix Suggestion:
Update to version dev-admin_redesign
microweber/microweber (PHP):
Affected version(s) =dev-revert-797-master
Fix Suggestion:
Update to version no_fix
dungphanxuan/yii2-lepture-editor (PHP):
Affected version(s) >=dev-master <=0.1
Fix Suggestion:
Update to version no_fix
dantleech/bolt-object-agent (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=4.0.12 <4.1.8
Fix Suggestion:
Update to version 4.1.8
neos/neos (PHP):
Affected version(s) >=5.0.0 <5.0.7
Fix Suggestion:
Update to version 5.0.7
neos/neos (PHP):
Affected version(s) >=3.1.11 <3.2.0
Fix Suggestion:
Update to version 3.2.0
neos/neos-development-collection (PHP):
Affected version(s) >=3.0.1 <3.0.9
Fix Suggestion:
Update to version 3.0.9
neos/neos (PHP):
Affected version(s) >=3.2.12 <dev-dependabot/npm_and_yarn/nanoid-3.3.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/nanoid-3.3.1
typo3/neos (PHP):
Affected version(s) =3.2.11 <3.2.12
Fix Suggestion:
Update to version 3.2.12
neos/neos (PHP):
Affected version(s) =3.0.16 <3.0.17
Fix Suggestion:
Update to version 3.0.17
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-PxWxDo <dev-analysis-RvGDRO
Fix Suggestion:
Update to version dev-analysis-RvGDRO
neos/neos (PHP):
Affected version(s) >=3.3.3 <3.3.5
Fix Suggestion:
Update to version 3.3.5
typo3/neos (PHP):
Affected version(s) =4.1.7 <4.1.8
Fix Suggestion:
Update to version 4.1.8
bolt/bolt (PHP):
Affected version(s) =v3.2.11 <v3.2.12
Fix Suggestion:
Update to version v3.2.12
typo3/neos (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/ini-1.3.7 <2.0.0-RC1
Fix Suggestion:
Update to version 2.0.0-RC1
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-dependabot/composer/composer/composer-1.10.23 <dev-fix_backup_encoding_v2
Fix Suggestion:
Update to version dev-fix_backup_encoding_v2
neos/neos-development-collection (PHP):
Affected version(s) >=dev-bugfix/3258-no-exception-on-unresolvable-shortcuts <dev-bugfix/3432
Fix Suggestion:
Update to version dev-bugfix/3432
sunra/angularjs-symfony2-bundle (PHP):
Affected version(s) >=dev-master <=v1.5.5
Fix Suggestion:
Update to version no_fix
ilhanet/erpnet-widget-resource (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
lambda/yii2-neon (PHP):
Affected version(s) >=dev-master <=0.1.1
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/Neos.Media.Browser/npm-6.14.6 <dev-dependabot/npm_and_yarn/Neos.Media.Browser/path-parse-1.0.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Neos.Media.Browser/path-parse-1.0.7
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) >=dev-add_custom_data_on_product <oop-preview
Fix Suggestion:
Update to version oop-preview
20steps/bricks-custom-acme-demo-angular-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=3.1.4 <3.2.6
Fix Suggestion:
Update to version 3.2.6
typo3/neos (PHP):
Affected version(s) =3.1.x-dev <3.1.1
Fix Suggestion:
Update to version 3.1.1
piksera/core (PHP):
Affected version(s) =dev-main
Fix Suggestion:
Update to version no_fix
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) =0.0.1 <0.0.2
Fix Suggestion:
Update to version 0.0.2
hoter/yii2-lepture-markdown (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
wardrobe/cabinet (PHP):
Affected version(s) =dev-master <dev-redactor
Fix Suggestion:
Update to version dev-redactor
ristorantino/install (PHP):
Affected version(s) =dev-ale-helpers-components <dev-master
Fix Suggestion:
Update to version dev-master
shaoyikai/api-doc (PHP):
Affected version(s) >=dev-develop <=v1.0.2
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) =dev-pr/2431 <dev-feature/3216-overhaul-routing
Fix Suggestion:
Update to version dev-feature/3216-overhaul-routing
typo3/neos (PHP):
Affected version(s) >=4.1.10 <4.1.16
Fix Suggestion:
Update to version 4.1.16
typo3/neos (PHP):
Affected version(s) >=4.2.5 <4.2.12
Fix Suggestion:
Update to version 4.2.12
neos/neos-development-collection (PHP):
Affected version(s) =3.1.2 <3.1.3
Fix Suggestion:
Update to version 3.1.3
neos/neos-development-collection (PHP):
Affected version(s) >=4.1.9 <4.2.0
Fix Suggestion:
Update to version 4.2.0
salimkamboh/yii2-angularjs (PHP):
Affected version(s) >=dev-main <=1.0
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=3.3.10 <3.3.14
Fix Suggestion:
Update to version 3.3.14
labo/admin-bundle (PHP):
Affected version(s) =dev-amato <dev-boucherie
Fix Suggestion:
Update to version dev-boucherie
anomaly/markdown-field_type (PHP):
Affected version(s) =2.2.x-dev <v2.2.0
Fix Suggestion:
Update to version v2.2.0
typo3/neos (PHP):
Affected version(s) =4.1.17 <4.1.18
Fix Suggestion:
Update to version 4.1.18
neos/neos (PHP):
Affected version(s) =3.2.5 <3.2.6
Fix Suggestion:
Update to version 3.2.6
neos/neos (PHP):
Affected version(s) =3.2.1 <3.2.2
Fix Suggestion:
Update to version 3.2.2
neos/neos (PHP):
Affected version(s) >=3.0.4 <3.0.6
Fix Suggestion:
Update to version 3.0.6
neos/neos (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/ini-1.3.7 <2.0.0-RC1
Fix Suggestion:
Update to version 2.0.0-RC1
typo3/neos (PHP):
Affected version(s) >=7.0.4 <7.0.6
Fix Suggestion:
Update to version 7.0.6
laminas-api-tools/api-tools-documentation-swagger (PHP):
Affected version(s) >=1.3.x-dev <1.5.0
Fix Suggestion:
Update to version 1.5.0
bolt/bolt (PHP):
Affected version(s) =v3.2.2 <v3.2.3
Fix Suggestion:
Update to version v3.2.3
visonforcoding/cakephp-wpadmin (PHP):
Affected version(s) >=dev-master <=0.1.4
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) =dev-replace-in-memory-sort <dev-revert-3411-bugfix/removeBrokenValidationAnnotation
Fix Suggestion:
Update to version dev-revert-3411-bugfix/removeBrokenValidationAnnotation
rami-awadallah/myhelpers (PHP):
Affected version(s) >=dev-master <=1.5.x-dev
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) =dev-task/rename-ts-to-fusion <dev-task/renameAfxNodeParser
Fix Suggestion:
Update to version dev-task/renameAfxNodeParser
rcm/plugins (PHP):
Affected version(s) =dev-revert-480-master
Fix Suggestion:
Update to version no_fix
dvlpp/sharp (PHP):
Affected version(s) >=2.0.0 <2.0.4
Fix Suggestion:
Update to version 2.0.4
neos/neos-development-collection (PHP):
Affected version(s) =dev-verify-migrations-workaround <dev-workspaceAdjustments
Fix Suggestion:
Update to version dev-workspaceAdjustments
arthurgroup/websitebuilder (PHP):
Affected version(s) =1.2.x-dev <dev-1.2-test-pm
Fix Suggestion:
Update to version dev-1.2-test-pm
neos/neos (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/y18n-3.2.2 <dev-task/upmerges-83-90
Fix Suggestion:
Update to version dev-task/upmerges-83-90
laraporto/laraporto (PHP):
Affected version(s) >=dev-master <=1.1.x-dev
Fix Suggestion:
Update to version no_fix
neos/neos (PHP):
Affected version(s) =dev-master <dev-nodeCoverageRestoration
Fix Suggestion:
Update to version dev-nodeCoverageRestoration
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-9bl9MN <dev-analysis-9mBRn6
Fix Suggestion:
Update to version dev-analysis-9mBRn6
oburatongoi/productivity (PHP):
Affected version(s) >=0.1.0 <0.4.35
Fix Suggestion:
Update to version 0.4.35
arthurgroup/websitebuilder (PHP):
Affected version(s) >=1.0.8.x-dev <1.0.10.x-dev
Fix Suggestion:
Update to version 1.0.10.x-dev
restaurare/ewlist (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
neos/neos (PHP):
Affected version(s) >=3.0.18 <3.0.20
Fix Suggestion:
Update to version 3.0.20
neos/neos (PHP):
Affected version(s) =3.2.9 <3.2.10
Fix Suggestion:
Update to version 3.2.10
neos/neos (PHP):
Affected version(s) >=3.1.0 <3.1.3
Fix Suggestion:
Update to version 3.1.3
greenpower/asset-bundle (PHP):
Affected version(s) =dev-develop
Fix Suggestion:
Update to version no_fix
neos/neos (PHP):
Affected version(s) >=7.0.7 <7.1.0
Fix Suggestion:
Update to version 7.1.0
lindelin/lindale (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/url-parse-1.5.10 <v1.6.2
Fix Suggestion:
Update to version v1.6.2
docit/core (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
notebook (PYTHON):
Affected version(s) >=4.0.1 <5.3.1
Fix Suggestion:
Update to version 5.3.1
ipython (PYTHON):
Affected version(s) >=1.0.0 <4.0.0
Fix Suggestion:
Update to version 4.0.0
notebook (PYTHON):
Affected version(s) =5.5.0 <5.6.0
Fix Suggestion:
Update to version 5.6.0
Related Resources (2)
https://github.com/markedjs/marked/issues/925
https://github.com/markedjs/marked/commit/6d1901ff71abb83aa32ca9a5ce47471382ea42a9
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
LOW
Subsequent System Integrity
LOW
Subsequent System Availability
NONE
CVSS v3
Base Score:
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE