Описание
Cross-site Scripting in comrak
An issue was discovered in the comrak crate before 0.10.1 for Rust. It mishandles & characters, leading to XSS via &# HTML entities.
Ссылки
Пакеты
Наименование
comrak
rust
Затронутые версииВерсия исправления
< 0.10.1
0.10.1
Связанные уязвимости
CVSS3: 6.1
nvd
больше 4 лет назад
An issue was discovered in the comrak crate before 0.10.1 for Rust. It mishandles & characters, leading to XSS via &# HTML entities.