Vulnerabilities/

Incorrect sanitisation function leads to `XSS` in mermaid

Severity:
High

Description

Malicious diagrams can contain javascript code that can be run at diagram readers machines.

Recommendation

Update the mermaid package to the latest compatible version. Followings are version details:

References

Related Issues

Tags:
npm
mermaid
Anything's wrong? Let us know Last updated on February 03, 2023