VYPR

Parsedown

by Erusev

Source repositories

CVEs (1)

  • CVE-2019-10905HigApr 6, 2019
    risk 0.53cvss 8.1epss 0.01

    Parsedown before 1.7.2, when safe mode is used and HTML markup is disabled, might allow attackers to execute arbitrary JavaScript code if a script (already running on the affected page) executes the contents of any element with a specific class. This occurs because spaces are…