EPSS
Percentile
37.3%
editor.md is vulnerable to cross-site scripting (XSS). The attack is possible because a user’s input in edit mode are not sanitized, allowing an attacker to inject a malicious script through it.
github.com/pandao/editor.md/issues/709