6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
37.5%
docsify versions 4.12.1 and earlier are vulnerable to cross-site scripting (XSS) because the search component does not appropriately encode Code Blocks and mishandles the " character.
"
github.com/docsifyjs/docsify
github.com/docsifyjs/docsify/commit/c24f7f6f0b87a87f6dd3755f69eb0969ebb029c9
github.com/docsifyjs/docsify/issues/1549
github.com/docsifyjs/docsify/pull/1551
nvd.nist.gov/vuln/detail/CVE-2021-30074