0.001 Low
EPSS
Percentile
49.2%
mistune is vulnerable to cross-site scripting (XSS) attacks. The _keyify method doesn’t escape the key values which allows attackers to insert and execute arbitrary webscript.
_keyify
github.com/lepture/mistune/commit/5f06d724bc05580e7f203db2d4a4905fc1127f98