0.001 Low
EPSS
Percentile
24.8%
Malicious diagrams can contain javascript code that can be run at diagram readers machines.
The users should upgrade to version 8.13.8
You need to upgrade in order to avoid this issue.
github.com/mermaid-js/mermaid
github.com/mermaid-js/mermaid/commit/066b7a0d0bda274d94a2f2d21e4323dab5776d83
github.com/mermaid-js/mermaid/releases/tag/8.13.8
github.com/mermaid-js/mermaid/security/advisories/GHSA-p3rp-vmj9-gv6v
nvd.nist.gov/vuln/detail/CVE-2021-43861