Advisory #50
| Title | Qiita::Markdown cross-site scripting via crafted gist link |
| CVE ID | CVE-2021-28833 |
| Vendor | Increments Inc. |
| Affected product | Qiita::Markdown |
| Affected versions | - 0.33.0 |
| Vulnerability type | CWE-79 (Cross-site Scripting) |
| Description | Qiita::Markdown has a vulnerability that allows cross-site scripting via crafted gist link. NOTE: This CVE ID is unique from CVE-2021-28796. |
| Status | Fixed in 0.34.0 |
| Recommendation | Update to 0.34.0 or above. |