Description
docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the search component does not appropriately encode Code Blocks and mishandles the " character.
Remediation
References
https://github.com/docsifyjs/docsify/issues/1549
Related Vulnerabilities
CVE-2021-25931 Vulnerability in maven package org.opennms:opennms-webapp
CVE-2020-35202 Vulnerability in maven package org.igniterealtime.openfire.plugins:dbaccess
CVE-2023-40037 Vulnerability in maven package org.apache.nifi:nifi-dbcp-base
CVE-2022-45208 Vulnerability in maven package org.jeecgframework.boot:jeecg-module-system