markdown-it-katex

vulnerability cross-site scripting (xss)
severity 7.4
language javascript
registry maven

Overview

org.webjars.npm:markdown-it-katex is a Fast math support for markdown-it with KaTeX, this package is vulnerable to Cross-site Scripting (XSS).

It fails to properly escape error messages, which may allow attackers to execute arbitrary JavaScript in a victim's browser by triggering an error.

References