Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2020-28459
This affects all versions of package markdown-it-decorate. An attacker can add an event handler or use javascript:xxx for the link.
Base Score