top of page
perceptive_background_267k.jpg

Markright 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to embed malicious payloads in markdown files. Attackers can upload…

Published:

15 January 2026 at 23:00:00

Alert date:

16 January 2026 at 20:08:27

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

CVE-2021-47838 affects Markright 1.0, a markdown editor application. The vulnerability is a persistent cross-site scripting (XSS) flaw that allows attackers to embed malicious JavaScript payloads within markdown files. When victims open these specially crafted markdown files, the malicious code executes automatically. This XSS vulnerability can potentially lead to remote code execution on the victim's system. The vulnerability has been documented with proof-of-concept exploits available publicly. Markright is available on GitHub and this vulnerability represents a significant security risk for users of the application.

Technical details

Mitigation steps:

Affected products:

Markright

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2021-47838
https://github.com/dvcrn/markright
https://imgur.com/a/VOsgKbZ
https://www.exploit-db.com/exploits/49834
https://www.vulncheck.com/advisories/markright-persistent-cross-site-scripting

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page