CVE-2017-11593
Markdown Preview Plus (MPP) extension for Chrome is affected by a cross-site scripting (XSS) vulnerability in versions prior to 0.5.7. The issue arises when crafted text/markdown/rst files intended to be displayed as plain text are uploaded and then converted to HTML without proper sanitization, ...