Vulnerability Details CVE-2020-28455
This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.9%
CVSS Severity
CVSS v3 Score 7.3
References
Products affected by CVE-2020-28455
-
cpe:2.3:a:markdown-it-toc_project:markdown-it-toc:*