Description
docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the search component does not appropriately encode Code Blocks and mishandles the " character.
Remediation
References
https://github.com/docsifyjs/docsify/issues/1549
Related Vulnerabilities
CVE-2020-14967 Vulnerability in maven package org.webjars.bowergithub.kjur:jsrsasign
CVE-2023-45278 Vulnerability in maven package org.yamcs:yamcs-core
CVE-2020-7691 Vulnerability in maven package org.webjars.npm:jspdf
CVE-2022-39381 Vulnerability in npm package muhammara
CVE-2021-21290 Vulnerability in maven package io.netty:netty-transport-native-unix-common-tests