A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor prior to 4.0.0-rc22.
caret caret
caret caret 4.0.0