cpe:/a:valine.js:valine:1.3.3 CVE-2018-19289 2018-11-15T01:29:00.387-05:00 2019-09-11T14:39:57.857-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2019-09-11T14:10:51.897-04:00 MISC https://github.com/xCss/Valine/issues/127 An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file.