Return to CVE list

CVE-2025-43954

4.9

Medium

CVE-2025-43954

20 Apr 2025

cve@mitre.org

Awaiting Analysis

View on MITRE Find on GitHub

Description

QMarkdown (aka quasar-ui-qmarkdown) before 2.0.5 allows XSS via headers even when when no-html is set.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

cve@mitre.org

https://github.com/quasarframework/quasar-ui-qmarkdown/commit/b61dff84851c45369cf931db5bd93db177c657f6

cve@mitre.org

https://github.com/quasarframework/quasar-ui-qmarkdown/compare/v2.0.4...v2.0.5

CVE-2025-43954 - CVE-2025-43954 | Cyber Hub