Vulnerability Description
Marked 2 through 2.5.11 allows remote attackers to read arbitrary files via a crafted HTML document that triggers a redirect to an x-marked://preview?text= URL. The value of the text parameter can include arbitrary JavaScript code, e.g., making XMLHttpRequest calls.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Marked 2 Project | Marked 2 | <= 2.5.11 |
Related Weaknesses (CWE)
References
- http://support.markedapp.com/discussions/questions/9089-reporting-a-vulnerabilitIssue TrackingThird Party Advisory
- http://www.lynxsecurity.io/releases/Local%20File%20Disclosure%20in%20Marked2.pdfExploitThird Party Advisory
- http://support.markedapp.com/discussions/questions/9089-reporting-a-vulnerabilitIssue TrackingThird Party Advisory
- http://www.lynxsecurity.io/releases/Local%20File%20Disclosure%20in%20Marked2.pdfExploitThird Party Advisory
FAQ
What is CVE-2018-6806?
CVE-2018-6806 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Marked 2 through 2.5.11 allows remote attackers to read arbitrary files via a crafted HTML document that triggers a redirect to an x-marked://preview?text= URL. The value of the text parameter can inc...
How severe is CVE-2018-6806?
CVE-2018-6806 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-6806?
Check the references section above for vendor advisories and patch information. Affected products include: Marked 2 Project Marked 2.