markdown-pdf is vulnerable to cross-site scripting (XSS) attacks. The application does not properly sanitize user input, allowing a malicious user can pass a markdown file to the application to inject and execute arbitrary HTML code.
CPE | Name | Operator | Version |
---|---|---|---|
markdown-pdf | le | 8.1.1 | |
markdown-pdf | le | 8.1.1 |