XSS in Leandrocp Mdex
CVE-2026-53427
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leandrocp MDEx allows stored or reflected cross-site scripting via attacker-controlled Markdown. When syntax highlighting and full info-…
Vulnerability class: XSS (Cross-Site Scripting)
Affected products
- Leandrocp Mdex — versions 0.11.3, 0d7ffc84ea742e1daf666426814e5bb6d0499433
- Leandrocp Mdex_native — versions 0.1.0, 956528c5e31746253347029e810a969ab916fd27
Weakness classification (CWE)
References
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related, vendor-advisory)
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
- 6b3ad84c-e1a6-4bf7-a703-f496b71e49db (patch)