EPSS
Percentile
36.4%
All versions of package anchorme are vulnerable to Cross-site Scripting (XSS) via the main functionality.
github.com/alexcorvi/anchorme.js/blob/gh-pages/src/transform.ts#23L81
github.com/alexcorvi/anchorme.js/blob/gh-pages/src/transform.ts%23L81
nvd.nist.gov/vuln/detail/CVE-2021-23411
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1320695
snyk.io/vuln/SNYK-JS-ANCHORME-1311008