An issue was discovered in the comrak crate before 0.10.1 for Rust. It mishandles & characters, leading to XSS via &# HTML entities.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-08-08T05:10:53
Updated: 2024-08-04T01:37:15.492Z
Reserved: 2021-08-08T00:00:00
Link: CVE-2021-38186
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-08-08T06:15:08.780
Modified: 2021-08-14T16:20:39.190
Link: CVE-2021-38186
Redhat
No data.