CVE-2021-47837

HIGH

Markdownify 1.2.0 - Stored Cross-Site Scripting via Crafted Markdown File Upload

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47837. PoCs published by TaurusOmar.

AI-analyzed exploit summary This exploit demonstrates a persistent XSS vulnerability in Markdownify 1.2.0, where malicious JavaScript payloads can be embedded in markdown files. The payload executes arbitrary commands, including reverse shell attempts, when the file is opened.

Description

Markdownify 1.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files. Attackers can upload crafted markdown files with embedded scripts that execute when the file is opened, potentially enabling remote code execution.

Exploits (1)

exploitdb WORKING POC
by TaurusOmar · javascriptwebappsmultiple
https://www.exploit-db.com/exploits/49835

This exploit demonstrates a persistent XSS vulnerability in Markdownify 1.2.0, where malicious JavaScript payloads can be embedded in markdown files. The payload executes arbitrary commands, including reverse shell attempts, when the file is opened.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Markdownify 1.2.0
No auth needed
Prerequisites: Victim must open a malicious markdown file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/49835
Various Sources exploit
https://imgur.com/a/T4jBoiS

Scores

CVSS v3 7.2
EPSS 0.0004
EPSS Percentile 13.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Published Jan 16, 2026
Tracked Since Feb 18, 2026