Vulnerabilities > Hyperdown Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-26 | CVE-2022-25849 | Cross-site Scripting vulnerability in Hyperdown Project Hyperdown The package joyqi/hyper-down from 0.0.0 are vulnerable to Cross-site Scripting (XSS) because the module of parse markdown does not filter the href attribute very well. | 6.1 |