Filtered by vendor Quantizor
Subscriptions
Filtered by product Markdown-to-jsx
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-21535 | 2 Markdown-to-jsx, Quantizor | 2 Markdown-to-jsx, Markdown-to-jsx | 2024-10-17 | 6.1 Medium |
Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown. |
Page 1 of 1.