domain/section/markdown/markdown.go in Documize prior to 3.5.1 mishandles untrusted Markdown content. This was addressed by adding the bluemonday HTML sanitizer to defend against XSS.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
documize documize |