Description
This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped.
Remediation
References
https://security.snyk.io/vuln/SNYK-JS-MARKDOWNITTOC-1044067
Related Vulnerabilities
CVE-2020-11022 Vulnerability in maven package org.fujion.webjars:jquery
CVE-2021-46877 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2020-16040 Vulnerability in maven package org.webjars.npm:electron
CVE-2021-37404 Vulnerability in maven package org.apache.hadoop:hadoop-common
CVE-2023-49398 Vulnerability in maven package com.jfinal:jfinal