GHSA-C97M-VXHJ-P7J6 goldmark vulnerable to Cross-site Scripting (XSS)
Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting XSS due to improper ordering of URL validation and normalization. The renderer validates link destinations using a prefix-based check IsDangerousURL before resolving HTML entities...