XSS in mdBook
This is a cross-post of the official security advisory. The official post contains a signed version with our PGP key, as well. The Rust Security Response Working Group was recently notified of a security issue affecting the search feature of mdBook, which could allow an attacker to execute arbitrary JavaScript code on the page. The CVE for this vulnerability is CVE-2020-26297.