Cross-site Scripting Vulnerability in Markup Markdown by Pierre-Henri Lavigne
CVE-2025-49420
6.5MEDIUM
What is CVE-2025-49420?
An improper neutralization of input during web page generation vulnerability in Markup Markdown allows for stored Cross-site Scripting (XSS). This flaw can enable attackers to inject arbitrary JavaScript into web pages viewed by users, leading to potential data theft or impersonation. The issue affects versions from n/a to 3.20.6.
Affected Version(s)
Markup Markdown <= 3.20.6