CVE-2022-28101

CVE-2022-28101

EPSS 1.0%

Turtlapp Turtle Note v0.7.2.6 does not filter the <meta> tag during markdown parsing, allowing attackers to execute HTML injection.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/turtl/tracker/issues/404 https://www.cybercitadel.com/html-injection-turtl/