2 matches found
CVE-2026-59711
CVE-2026-59711 affects the showdown library. A cross-site scripting vulnerability exists in metadata title handling when the completeHTMLDocument option is enabled; unescaped characters in markdown frontmatter metadata are placed into HTML title tags, allowing script execution in the rendered pa...
PT-2022-24919 · Unknown +1 · @Dependencytrack/Frontend +1
Name of the Vulnerable Software and Affected Versions: @dependencytrack/frontend versions prior to 4.6.1 Description: The Dependency-Track frontend is a Single Page Application SPA that renders vulnerability details using the JavaScript library Showdown. Since Showdown does not have any XSS...