GHSA-7PX7-7XJX-HXM8 Marked vulnerable to XSS from data URIs

marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser...

marked data: URI parser cross-site scripting vulnerability

marked is an American software developer Christopher Jeffrey developed a Markdown parser and compiler written in JavaScript. data:URI parser is one of the URI Uniform Resource Identifier parser. A cross-site scripting vulnerability exists in the data: URI parser in marked 0.3.6 and earlier. A...