Filtered by vendor Post-loader Project Subscriptions
Filtered by product Post-loader Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-0748 1 Post-loader Project 1 Post-loader 2024-11-21 9.8 Critical
The package post-loader from 0.0.0 are vulnerable to Arbitrary Code Execution which uses a markdown parser in an unsafe way so that any javascript code inside the markdown input files gets evaluated and executed.