CVE-2021-35513

CVE-2021-35513

EPSS 1.0%

Mermaid before 8.11.0 allows XSS when the antiscript feature is used.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/mermaid-js/mermaid/issues/2122 https://github.com/mermaid-js/mermaid/pull/2123 https://github.com/mermaid-js/mermaid/releases/tag/8.11.0-rc2