tylingsoft / markdown-plus

Markdown editor with extra features.
http://mdp.tylingsoft.com/
2.12k stars 395 forks

XSS via Markdown #110

Closed daffainfo closed 3 years ago

daffainfo commented 4 years ago

Hello, I found a bug: XSS via Markdown. I am using a simple payload to test: `><iframe src="javascript:alert(document.domain)"</iframe>`

Result: image
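
The payload in the report depends on a `javascript:` URL reaching an `src` attribute in the rendered output. As an added example (not code from markdown-plus; the function names and the scheme allowlist are assumptions), this is a scheme check a renderer or sanitizer can apply to URL-bearing attributes, normalizing the value the way an HTML parser and URL parser would before deciding:

```javascript
// Added example, not markdown-plus code. Names and allowlist are hypothetical.
const ALLOWED_SCHEMES = new Set(["http", "https", "mailto"]);

// Subset of named character references that matter for scheme detection.
// Lookup is case-insensitive on purpose: over-decoding only makes the check stricter.
const NAMED = { colon: ":", tab: "\t", newline: "\n", amp: "&" };

// Resolve character references as an HTML parser does inside an attribute value.
function decodeCharRefs(s) {
  return s.replace(/&(?:#x([0-9a-f]+)|#([0-9]+)|([a-z]+));?/gi, (m, hex, dec, name) => {
    if (name !== undefined) {
      const key = name.toLowerCase();
      return Object.prototype.hasOwnProperty.call(NAMED, key) ? NAMED[key] : m;
    }
    const cp = hex !== undefined ? parseInt(hex, 16) : parseInt(dec, 10);
    return cp <= 0x10ffff ? String.fromCodePoint(cp) : "\uFFFD";
  });
}

// Return the lowercased scheme, or null for a relative URL (no scheme).
function urlScheme(attrValue) {
  const cleaned = decodeCharRefs(String(attrValue))
    .replace(/^[\u0000-\u0020]+|[\u0000-\u0020]+$/g, "") // URL parser trims C0 controls and spaces
    .replace(/[\t\n\r]/g, "");                           // and drops tab/newline anywhere
  const m = /^([a-z][a-z0-9+.-]*):/i.exec(cleaned);
  return m ? m[1].toLowerCase() : null;
}

// Allow relative URLs and allowlisted schemes; reject everything else.
function isSafeUrl(attrValue) {
  const scheme = urlScheme(attrValue);
  return scheme === null || ALLOWED_SCHEMES.has(scheme);
}

// Return the values a renderer should refuse to emit into href/src.
function rejectedUrls(values) {
  return values.filter((v) => !isSafeUrl(v));
}

// Sample input: the src value from the report plus constructed benign URLs.
const samples = [
  "javascript:alert(document.domain)",
  "https://example.com/page",
  "/docs/readme.md",
  "#usage",
];
console.log(rejectedUrls(samples));
```

This check covers only URL-bearing attributes. Because the report's payload is raw HTML passed through the Markdown renderer, the rendered output also needs tag and attribute allowlisting by a DOM-based sanitizer.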