Logo
Submit a FixGo To App

AIKIDO-2024-10329

markdown2 is vulnerable to Cross-site Scripting

60

Medium

markdown2 python

AIKIDO-2024-10329: markdown2 is vulnerable to Cross-site Scripting in versions 1.0.0 - 2.5.0.

Cross-site Scripting
Vuln in 1.0.0 - 2.5.0
Fixed in 2.5.1
No CVE available
TL;DR

Affected versions of the package are vulnerable to Cross-site Scripting (XSS). The escape functionality does not escape all dangerous characters.

Who does this affect?

You're affected if you are using a version which is within vulnerability ranges.

How can it be fixed?

Upgrade markdown2 library to patch version.

Background info

Link to vendor website

Are you
to these issues?
Connect your GitHub, GitLab, Bitbucket or Azure DevOps account to start scanning your repos for free.
Start For Free
Your data won't be shared · Read-only access
Logo
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US