CVE-2020-28459

Description

This affects all versions of package markdown-it-decorate. An attacker can add an event handler or use javascript:xxx for the link.

References

ExploitThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics