Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the
email@example.com which mitigates the issue by disabling the
gatsby-transformer-remark must be used, input passed into the plugin should be sanitized ahead of processing. It is encouraged for projects to upgrade to the latest major release branch for all Gatsby plugins to ensure the latest security updates and bug fixes are received in a timely manner.
All versions before 5.25.1, version 6.3.1
Unfortunately, there is no solution available yet.