Vulnerabilities > Hyperdown Project

DATE CVE VULNERABILITY TITLE RISK
2022-10-26 CVE-2022-25849 Cross-site Scripting vulnerability in Hyperdown Project Hyperdown
The package joyqi/hyper-down from 0.0.0 are vulnerable to Cross-site Scripting (XSS) because the module of parse markdown does not filter the href attribute very well.
network
low complexity
hyperdown-project CWE-79
6.1