Description
This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped.
Remediation
References
https://security.snyk.io/vuln/SNYK-JS-MARKDOWNITTOC-1044067
Related Vulnerabilities
CVE-2022-21718 Vulnerability in npm package electron
CVE-2023-26143 Vulnerability in npm package blamer
CVE-2020-19697 Vulnerability in maven package org.webjars.npm:editor.md
CVE-2023-41887 Vulnerability in maven package org.openrefine:database
CVE-2014-0050 Vulnerability in maven package commons-fileupload:commons-fileupload