QMarkdown Cross-Site Scripting (XSS) vulnerability
QMarkdown (aka quasar-ui-qmarkdown) before 2.0.5 allows XSS via headers even when when no-html is set.
Advisories for Npm/@Quasar/Quasar-Ui-Qmarkdown package
2025
QMarkdown (aka quasar-ui-qmarkdown) before 2.0.5 allows XSS via headers even when when no-html is set.