CVE-2021-35513

CVE-2021-35513

EPSS 1.0%

Mermaid before 8.11.0 allows XSS when the antiscript feature is used.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/mermaid-js/mermaid/issues/2122 https://github.com/mermaid-js/mermaid/pull/2123 https://github.com/mermaid-js/mermaid/releases/tag/8.11.0-rc2