CVE-2020-7773
This CVE affects the JavaScript package markdown-it-highlightjs before version 3.3.1 . The vulnerability stems from the ability to inject malicious JavaScript through the lang value used in the package’s inline code highlighting feature, enabling XSS in affected renderings (example payload shown ...