0.001 Low
EPSS
Percentile
25.2%
editor.md is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists due to not filtering the markdown text which allows an attacker to inject and execute arbitrary JavaScript.
github.com/advisories/GHSA-847g-34c5-vvm8
github.com/pandao/editor.md/issues/985