Description
This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped.
Remediation
References
https://security.snyk.io/vuln/SNYK-JS-MARKDOWNITTOC-1044067
Related Vulnerabilities
CVE-2019-13000 Vulnerability in maven package fr.acinq.eclair:eclair-core_2.11
CVE-2023-42794 Vulnerability in maven package org.apache.tomcat:tomcat-catalina
CVE-2021-43788 Vulnerability in npm package nodebb
CVE-2020-7726 Vulnerability in npm package safe-object2
CVE-2023-37954 Vulnerability in maven package com.sonyericsson.hudson.plugins.rebuild:rebuild