npm hyperdown 跨站脚本漏洞

npm hyperdown is a library from the American company npm. A security vulnerability exists in npm hyperdown, which stems from the fact that the module that parses markdown does not filter the href attribute well...