← Back to CVE List

CVE-2022-25849

Published: 2022-10-26T05:15Z
Last Modified: 2024-11-21T06:53Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
The package joyqi/hyper-down from 0.0.0 are vulnerable to Cross-site Scripting (XSS) because the module of parse markdown does not filter the href attribute very well. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt