CVE-2026-41653

Sažetak

BentoPDF is a client-side PDF toolkit that is self hostable. Prior to version 2.8.3, a cross-site scripting vulnerability was identified in BentoPD. An attacker may be able to execute arbitrary JavaScript in certain circumstances in Markdown to PDF Tool. This issue has been patched in version 2.8.3.

Reference

https://github.com/alam00000/bentopdf/releases/tag/v2.8.3
https://github.com/alam00000/bentopdf/security/advisories/GHSA-6vh8-4frx-647f

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

07-05-2026 - 19:51

Objavljeno

07-05-2026 - 19:16