mkdocs-include-markdown-plugin, Improper Input Validation, CVE-2025-XXXXX (Moderate)


The vulnerability in mkdocs-include-markdown-plugin stems from improper input validation when processing content for substitution placeholders. The plugin allows users to include markdown files and replace placeholders with specific values. However, the plugin fails to properly validate or sanitize the names of these substitution placeholders. An attacker can craft a malicious markdown file with placeholder names that collide with the internal substitution mechanism. When this file is processed by the plugin, the unvalidated input interferes with the substitution logic, potentially leading to unexpected behavior. This could result in the injection of unintended content into the final rendered documentation, altering its appearance or integrity. The flaw is specific to scenarios where the plugin includes and processes untrusted markdown files with substitution directives.
Platform: MkDocs Plugin
Version: <7.1.8
Vulnerability: Input Validation Bypass
Severity: Moderate

date: 2025-09-27

Prediction: 2025-10-04

What Undercode Says:

Locate documentation pages that use the plugin's include directive (the original pattern ".md" matched only files literally named ".md"; a wildcard is needed):

    find /docs -name "*.md" -exec grep -l "include-markdown" {} \;

Example of a potentially problematic markdown file (malicious_file.md), where the substitution key collides with an internal placeholder name:

    substitutions:
      _internal_var: "malicious_value"

    This is a file with a placeholder {{ _internal_var }}.
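To make the collision concrete, here is an added example (not the plugin's code; a hypothetical model of the bug class, with INTERNAL, validate_subs and scan_document as assumed names) showing the naive substitution logic beside a hardened version that validates placeholder names and refuses to let user-supplied keys shadow internal ones, plus a small checker that flags such keys in a document's substitutions block:

```python
import re

# Hypothetical model of the bug class described above, NOT the plugin's code:
# a substitution engine that merges caller-supplied placeholder values into
# its own internal table without validating the names.
INTERNAL = {"_internal_var": "internal_value"}          # assumed reserved name
PLACEHOLDER = re.compile(r"\{\{\s*([^{}\s]+)\s*\}\}")
VALID_NAME = re.compile(r"^[A-Za-z][A-Za-z0-9_]*$")     # no leading underscore

def _substitute(text, table):
    # Unknown placeholders are left untouched
    return PLACEHOLDER.sub(lambda m: table.get(m.group(1), m.group(0)), text)

def render_naive(text, user_subs):
    """Vulnerable: a user key of the same name silently overrides INTERNAL."""
    table = dict(INTERNAL)
    table.update(user_subs)
    return _substitute(text, table)

def validate_subs(names):
    """Return the names that are malformed or collide with internal ones."""
    return [n for n in names if not VALID_NAME.match(n) or n in INTERNAL]

def render_safe(text, user_subs):
    """Hardened: reject bad names up front and let INTERNAL take precedence."""
    bad = validate_subs(user_subs)
    if bad:
        raise ValueError(f"rejected substitution names: {bad}")
    table = dict(user_subs)
    table.update(INTERNAL)
    return _substitute(text, table)

def scan_document(doc):
    """Detection: report offending keys in a doc's 'substitutions:' block
    (parsed as simple indented 'key: value' lines, no YAML library needed)."""
    names, in_block = [], False
    for line in doc.splitlines():
        if line.strip() == "substitutions:":
            in_block = True
            continue
        m = re.match(r"^\s+([^\s:]+)\s*:", line) if in_block else None
        if m:
            names.append(m.group(1))
        else:
            in_block = False
    return validate_subs(names)

# Constructed sample mirroring the malicious_file.md shown above
SAMPLE_DOC = ('substitutions:\n  _internal_var: "malicious_value"\n\n'
              "This is a file with a placeholder {{ _internal_var }}.")
```

Running scan_document over every included file before a build is the defensive check; render_safe shows the two fixes a maintainer would apply (name validation and precedence for internal values).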

How to Exploit:

Craft markdown files with substitution keys that override or conflict with internal plugin variables.

Protection from this CVE:

Upgrade to version 7.1.8.

Impact:

Content injection in documentation.


Sources:

Reported By: github.com
Extra Source Hub:
Undercode
