VYPR

npm package

markdown-it-decorate

pkg:npm/markdown-it-decorate

Vulnerabilities (1)

  • CVE-2020-28459Jul 25, 2022
    affected <= 1.2.2

    This affects all versions of package markdown-it-decorate. An attacker can add an event handler or use javascript:xxx for the link.