CVE-2020-7680
Summary of CVE-2020-7680 (docsify XSS) Affected software: docsify prior to version 4.11.4 (docsify.js) which loads resources via fragment identifiers after # (e.g., domain.com/#//attacker.com) to server-side .md files. Root cause: insufficient validation of these fragment URLs allows rendering ar...