Vulnerabilities/

Pandao editor.md vulnerable to DOM XSS

Severity:
Medium

Description

pandao Editor.md 1.5.0 has DOM XSS via input starting with a << substring, which is mishandled during construction of an A element.

Recommendation

No fix is available yet. Followings are affected versions:

References

Related Issues

Tags:
npm
editor.md
Anything's wrong? Let us know Last updated on September 08, 2023