Unrated severityNVD Advisory· Published Aug 21, 2025· Updated Dec 3, 2025
Markdown-it 14.1.0 - Cross-site scripting (XSS)
CVE-2025-7969
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in markdown-it allows Cross-Site Scripting (XSS). This vulnerability is associated with program files lib/renderer.mjs.
This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not consider this issue to be a vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 14.1.0
- markdown-it/markdown-itv5Range: 14.1.0
Patches
Vulnerability mechanics
References
1- fluidattacks.com/advisories/fitomitrethird-party-advisory
News mentions
0No linked articles in our index yet.