CVE-2018-6806

Posted on by admin

CVE-2018-6806

Marked 2 through 2.5.11 allows remote attackers to read arbitrary files via a crafted HTML document that triggers a redirect to an x-marked://preview?text= URL. The value of the text parameter can include arbitrary JavaScript code, e.g., making XMLHttpRequest calls.

Source: CVE-2018-6806

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다