Description
docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the search component does not appropriately encode Code Blocks and mishandles the " character.
Remediation
References
https://github.com/docsifyjs/docsify/issues/1549
Related Vulnerabilities
CVE-2020-15215 Vulnerability in npm package electron
CVE-2023-44487 Vulnerability in maven package org.apache.tomcat:tomcat-coyote
CVE-2022-36034 Vulnerability in npm package nitrado.js
CVE-2021-21181 Vulnerability in npm package electron
CVE-2021-23329 Vulnerability in npm package nested-object-assign