Medium severity6.1NVD Advisory· Published Apr 2, 2021· Updated Jun 17, 2026
CVE-2021-30074
CVE-2021-30074
Description
docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the search component does not appropriately encode Code Blocks and mishandles the " character.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
docsifynpm | < 4.12.2 | 4.12.2 |
Affected products
2- docsify/docsifydescription
Patches
Vulnerability mechanics
References
5- github.com/docsifyjs/docsify/issues/1549nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-5h7x-68wj-jhwcghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-30074ghsaADVISORY
- github.com/docsifyjs/docsify/commit/c24f7f6f0b87a87f6dd3755f69eb0969ebb029c9ghsaWEB
- github.com/docsifyjs/docsify/pull/1551ghsaWEB
News mentions
0No linked articles in our index yet.