Description
docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the search component does not appropriately encode Code Blocks and mishandles the " character.
Remediation
References
https://github.com/docsifyjs/docsify/issues/1549
Related Vulnerabilities
CVE-2019-14517 Vulnerability in maven package org.webjars.bowergithub.pandao:editor.md
CVE-2018-1002200 Vulnerability in maven package org.codehaus.plexus:plexus-archiver
CVE-2023-39154 Vulnerability in maven package com.qualys.plugins:qualys-was
CVE-2011-4905 Vulnerability in maven package activemq:activemq
CVE-2021-21293 Vulnerability in maven package org.http4s:blaze-core_2.13