cvedb.io
CVE-2021-47839
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2026-01-16T19:16:09.537 · Last modified 2026-06-30T03:16:39.290

Summary

Marky 0.0.1 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. Attackers can upload crafted markdown files with embedded JavaScript payloads that execute when the file is opened, potentially enabling remote code execution.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.