Vulnerability Database

Published: Apr 9, 2019
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2019-9844" target="_blank" rel="noopener"> CVE-2019-9844
GHSA: <a href="https://github.com/advisories/GHSA-qj3f-9gmq-fwv5" target="_blank" rel="noopener"> GHSA-qj3f-9gmq-fwv5
Severity: Low
Exploit:

301,409

Total vulnerabilities in the database

simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI.

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
khanacademy / simple-markdown	-	0.4.4
fedoraproject / fedora	30	30.x
simple-markdown	-	0.4.4

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.