CVE-2025-54075 – Nuxtjs MDC Stored Cross-Site Scripting (Remote Script-Inclusion)

July 18, 2025

CVE ID : CVE-2025-54075

Published : July 18, 2025, 4:15 p.m. | 2 hours, 14 minutes ago

Description : MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component. Prior to version 0.17.2, a remote script-inclusion / stored cross-site scripting vulnerability in @nuxtjs/mdc lets a Markdown author inject a “ element. The “ tag rewrites how all subsequent relative URLs are resolved, so an attacker can make the page load scripts, styles, or images from an external, attacker-controlled origin and execute arbitrary JavaScript in the site’s context. Version 0.17.2 contains a fix for the issue.

Severity: 8.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53945 – Apko File Permission Vulnerability (Root Escalation)

Next Article CVE-2025-54059 – Melange SBOM Generation Permissions Vulnerability

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

Could OpenAI’s rumored browser be a Chrome-killer? Here’s what I’m expecting

My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8

AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind

Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

The details of TC39’s last meeting

The details of TC39’s last meeting

Online Examination System using PHP and MySQL

A tricky, educational quiz: it’s about time..

CAD Sketcher – constraint-based geometry sketcher

CAD Sketcher – constraint-based geometry sketcher

7 Best Free and Open Source Linux FTP Servers

Best Free and Open Source Alternatives to Autodesk FBX Review

CVE-2025-54075 – Nuxtjs MDC Stored Cross-Site Scripting (Remote Script-Inclusion)

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Windows 10 KB5058379 locks PCs, BitLocker Recovery triggered on boot, BSODs

Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild

CVE-2025-20285 – Cisco ISE/IP Access Restriction API Authentication Bypass

I found a mini PC that can be a powerful Windows alternative – and it’s not a Mac

Accelerating Go-to-Market with Agile AI Product Development🚀

Ghost of Yotei’s Feels Rooted in Place, And Here’s How

CVE-2025-6794 – Marvell QConvergeConsole Directory Traversal Remote Code Execution Vulnerability

Xbox update finally lets you buy games through the mobile app, while “Stream Your Own Game” comes to console

CVE-2025-54075 – Nuxtjs MDC Stored Cross-Site Scripting (Remote Script-Inclusion)

Related Posts