VYPR
Unrated severityNVD Advisory· Published Aug 21, 2025· Updated Dec 3, 2025

Markdown-it 14.1.0 - Cross-site scripting (XSS)

CVE-2025-7969

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in markdown-it allows Cross-Site Scripting (XSS). This vulnerability is associated with program files lib/renderer.mjs.

This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not consider this issue to be a vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.