markdown-to-jsx icon indicating copy to clipboard operation
markdown-to-jsx copied to clipboard

Published 20 hours ago verified publisher icon quantizor

Vulnerability in v6

Open artola opened this issue 1 year ago • 1 comments

Even if v7 has fixed this vulnerability, would it be possible to backport it to v6 (v6.11.4 still at 445,346 downloads per week)?

Issue: Cross site scripting in markdown-to-jsx URL: https://github.com/advisories/GHSA-4wx3-54gh-9fr9 Severity: moderate Vulnerable Versions: <7.4.

artola avatar Oct 16 '24 05:10 artola

I'm open to a PR if someone wants to backport the fix

quantizor avatar Nov 12 '24 06:11 quantizor