URL Protocol Bypass
katex is vulnerable to URL Protocol Bypass. The vulnerability is due to insufficient validation of URL protocols by the KaTeX library's trust option. It allows malicious inputs containing URLs with uppercase characters in the protocol to bypass the blacklist mechanism...