Multiple cross-site scripting (XSS) vulnerabilities in the Marked module prior to 0.3.1 for Node.js allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) gfm codeblocks (language) or (2) javascript url's.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
marked project marked |