Insufficient Verification of Data Authenticity
Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity via the toc process. An attacker can interfere with same-page navigation, CSS selectors, or JavaScript handlers by creating content with predictable id attributes that collide with...