Description
This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped.
Remediation
References
https://security.snyk.io/vuln/SNYK-JS-MARKDOWNITTOC-1044067
Related Vulnerabilities
CVE-2022-24441 Vulnerability in npm package snyk
CVE-2020-6427 Vulnerability in npm package electron
CVE-2020-28477 Vulnerability in npm package immer
CVE-2023-46496 Vulnerability in npm package @evershop/evershop
CVE-2023-29526 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore