Home

Description

Many Notes 0.10.1 is vulnerable to Cross Site Scripting (XSS), which allows malicious Markdown files to execute JavaScript when viewed.

PUBLISHED Reserved 2025-08-13 | Published 2025-09-02 | Updated 2025-09-02 | Assigner mitre

References

github.com/brufdev/many-notes/releases/tag/v0.10.2

cyber-ducky.com/...d-in-many-notes-the-best-note-taking-app/

medium.com/...-stored-xss-in-markdown-rendering-e73cfc3cd93a

cve.org (CVE-2025-55474)

nvd.nist.gov (CVE-2025-55474)

Download JSON