CVE-2025-29049
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-29049
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-29049.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-29049
- Aliases
- Related
- Published
- 2025-04-01T21:15:43.820Z
- Modified
- 2025-11-16T15:26:10.350160Z
- Severity
-
- 6.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
- Summary
- [none]
- Details
-
Cross Site Scripting vulnerability in arnog MathLive Versions v0.103.0 and before (fixed in 0.104.0) allows an attacker to execute arbitrary code via the MathLive function.
- References
Affected packages
Git / github.com/arnog/mathlive
Affected ranges
- Type
- GIT
- Repo
- https://github.com/arnog/mathlive
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.24
0.27
0.27.1
0.32.1
v0.*
v0.0.14
v0.0.14-beta
v0.0.15
v0.0.15-beta
v0.1.0
v0.100.0
v0.16.0
v0.17.0
v0.18.0
v0.19.0
v0.2.0
v0.20.0
v0.21.0
v0.22.0
v0.23.0
v0.24
v0.24.0
v0.24.1
v0.25
v0.25.0
v0.26
v0.26.0
v0.27.0
v0.27.1
v0.27.2
v0.27.3
v0.27.4
v0.28
v0.28.0
v0.29
v0.29.0
v0.29.1
v0.29.2
v0.30
v0.31.0
v0.32
v0.32.0
v0.32.2
v0.32.3
v0.32.4
v0.32.5
v0.32.6
v0.32.7
v0.32.8
v0.32.9
v0.33
v0.33.0
v0.33.1
v0.33.2
v0.34.0
v0.35.0
v0.35.1
v0.50.0
v0.50.1
v0.50.2
v0.50.3
v0.50.4
v0.50.5
v0.50.6
v0.50.7
v0.50.8
v0.51.0
v0.51.1
v0.52.0
v0.53.0
v0.53.1
v0.53.2
v0.53.3
v0.54.0
v0.54.1
v0.55.0
v0.56.0
v0.57
v0.57.0
v0.58
v0.58.0
v0.59.0
v0.60.1
v0.61.0
v0.62.0
v0.63.0
v0.63.1
v0.64.0
v0.65.0
v0.66.0
v0.66.1
v0.67.0
v0.68.0
v0.69.0
v0.69.1
v0.69.10
v0.69.11
v0.69.2
v0.69.3
v0.69.4
v0.69.5
v0.69.6
v0.69.7
v0.69.8
v0.69.9
v0.70.0
v0.71.0
v0.72.0
v0.72.1
v0.72.2
v0.72.3
v0.94.0
v0.94.7