CVE-2025-7969 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in markdown-it allows Cross-Site Scripting (XSS). This…
Medium CVSS: 6.9

CVE-2025-7969

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in markdown-it allows Cross-Site Scripting (XSS). This vulnerability is associated with program files lib/renderer.mjs.

This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not consider this issue to be a vulnerability.
Vendor
Markdown-it Project
Product
Markdown-it
CWE
CWE-79
Yayın Tarihi
2025-08-21 17:15:32
Güncelleme
2025-12-22 19:28:13
Source Identifier
help@fluidattacks.com
KEV Date Added
-

Kategoriler

CWE-79 Markdown-it MEDIUM Markdown-it Project 2025

Referanslar

https://fluidattacks.com/advisories/fito https://github.com/markdown-it/markdown-it https://github.com/markdown-it/markdown-it/issues/1122 https://fluidattacks.com/advisories/fito