Incomplete blacklist vulnerability in marked 0.3.2 and previous versions for Node.js allows remote malicious users to conduct cross-site scripting (XSS) attacks via a vbscript tag in a link.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
marked project marked |