What the vulnerability does

01Description

GitBook is a command line tool (and Node.js library) for building beautiful books using GitHub/Git and Markdown (or AsciiDoc). Stored Cross-Site-Scripting (XSS) is possible in GitBook before 3.2.2 by including code outside of backticks in any ebook. This code will be executed on the online reader.

Key dates

02Disclosure timeline

June 4, 2018 CVE published
September 16, 2024 Record updated

Related vulnerabilities

04Related CVE