CVE-2020-28455
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in npm/markdown-it-toc
Identifiers
GHSA-wfvx-fx73-3rfj, CVE-2020-28455
Package Slug
npm/markdown-it-toc
Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description
This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped.
Affected Versions
All versions up to 1.1.0
Solution
Unfortunately, there is no solution available yet.
Last Modified
2022-08-09
| source |