CVE-2021-47838
HIGHMarkright 1.0 - XSS
Title source: llmDescription
Markright 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to embed malicious payloads in markdown files. Attackers can upload specially crafted markdown files that execute arbitrary JavaScript when opened, potentially enabling remote code execution on the victim's system.
Exploits (1)
exploitdb
WORKING POC
by TaurusOmar · javascriptwebappsmultiple
https://www.exploit-db.com/exploits/49834
Scores
CVSS v3
7.2
EPSS
0.0003
EPSS Percentile
9.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
draft
Timeline
Published
Jan 16, 2026
Tracked Since
Feb 18, 2026