Cross-Site Scripting in markdown-to-jsx
Versions of markdown-to-jsx are vulnerable to Cross-Site Scripting. Due to insufficient input sanitization the package may render output containing malicious JavaScript. This vulnerability can be exploited through input of links containing data or VBScript URIs and a base64-encoded payload. Upgrade to or later.