Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sun, 21 Jun 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Shaarli
Shaarli shaarli |
|
| Vendors & Products |
Shaarli
Shaarli shaarli |
Thu, 18 Jun 2026 16:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 18 Jun 2026 04:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a stored Cross-Site Scripting (XSS) vulnerability in the Markdown-to-HTML conversion process used in the Bookmark Description field. An authenticated user can inject a malicious javascript: URI inside a Markdown link. The vulnerability originates in the filterProtocols method within BookmarkMarkdownFormatter.php.This method attempts to sanitize Markdown links by filtering dangerous protocols (such as javascript:) before rendering. It uses the following regular expression: (#]\((.*?)\)#is). This regex is designed to detect inline Markdown links, but it fails to detect Markdown reference-style links because reference-style links are resolved by the Markdown parser after preprocessing. The filterProtocols method never inspects the actual URL used in these references and as a result, an attacker can supply a javascript: URI inside a reference definition. This issue has been fixed in version 0.16.2. | |
| Title | Shaarli has Stored Cross-Site Scripting (XSS) via Markdown Reference Links | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-06-18T15:42:42.133Z
Reserved: 2026-05-22T20:57:10.977Z
Link: CVE-2026-48822
Updated: 2026-06-18T15:42:19.798Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-06-20T22:57:09Z