Vulnerability CVE-2022-25849


Published: 2022-10-26

Description:
The package joyqi/hyper-down from 0.0.0 are vulnerable to Cross-site Scripting (XSS) because the module of parse markdown does not filter the href attribute very well.

 References:
https://security.snyk.io/vuln/SNYK-PHP-JOYQIHYPERDOWN-2953544

Copyright 2026, cxsecurity.com

 

Back to Top