{"id":"GHSA-3c48-6pcv-88rm","summary":"Macro in MathJax running untrusted Javascript within a web browser","details":"MathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability in the `\\unicode{}` macro that can result in Potentially untrusted Javascript running within a web browser. This attack appear to be exploitable via The victim must view a page where untrusted content is processed using Mathjax. This vulnerability appears to have been fixed in 2.7.4 and later.","aliases":["CVE-2018-1999024"],"modified":"2023-11-08T04:00:09.670565Z","published":"2018-07-27T17:05:27Z","database_specific":{"cwe_ids":["CWE-79"],"severity":"MODERATE","nvd_published_at":null,"github_reviewed_at":"2020-06-16T20:54:43Z","github_reviewed":true},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999024"},{"type":"WEB","url":"https://github.com/mathjax/MathJax/commit/a55da396c18cafb767a26aa9ad96f6f4199852f1"},{"type":"WEB","url":"https://blog.bentkowski.info/2018/06/xss-in-google-colaboratory-csp-bypass.html"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-3c48-6pcv-88rm"},{"type":"PACKAGE","url":"https://github.com/mathjax/MathJax"}],"affected":[{"package":{"name":"mathjax","ecosystem":"npm","purl":"pkg:npm/mathjax"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"2.7.4"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/07/GHSA-3c48-6pcv-88rm/GHSA-3c48-6pcv-88rm.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}]}