LOW
vnotex
CVE published 2026-07-12
CVE-2026-15505
A weakness has been identified in vnotex vnote up to 3.20.1, impacting an unknown function of the file /src/data/extra/web/js/markdownit.js of the YAML Frontmatter component. This manipulation of the argument p_metaData causes cross-site scripting. The attack may be initiated remotely. Users should review and apply vendor patches or updates when available. The vulnerability has a low CVSS score of 2, indi [truncated]