Описание
Cross-Site Scripting in marked
Versions 0.3.7 and earlier of marked unescape only lowercase while owsers support both lowercase and uppercase x in hexadecimal form of HTML character entity
Пакеты
Наименование
marked
npm
Затронутые версииВерсия исправления
< 0.3.9
0.3.9