Description
This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped.
Remediation
References
https://security.snyk.io/vuln/SNYK-JS-MARKDOWNITTOC-1044067
Related Vulnerabilities
CVE-2023-6886 Vulnerability in maven package com.xnx3.wangmarket:wangmarket
CVE-2022-24441 Vulnerability in npm package snyk
CVE-2020-7760 Vulnerability in maven package org.webjars.bowergithub.components:codemirror
CVE-2021-21391 Vulnerability in npm package @ckeditor/ckeditor5-widget
CVE-2022-42004 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind