0.001 Low
EPSS
Percentile
30.2%
Mermaid is vulnerable to information disclosure. The vulnerability exists due to a css injection into the generated graph allowing for arbitrary graph modification leading to information disclosure by querying form data by css selectors.
github.com/mermaid-js/mermaid/commit/0ae1bdb61adff1cd485caff8c62ec6b8ac57b225
github.com/mermaid-js/mermaid/security/advisories/GHSA-x3vm-38hw-55wf