Marked · Marked · CVE-2015-1370
**Name of the Vulnerable Software and Affected Versions**
marked versions 0.3.2 and earlier
**Description**
The issue allows remote attackers to conduct cross-site scripting (XSS) attacks via a `vbscript` tag in a link, that is, a link whose destination uses the `vbscript:` scheme. The vulnerability is present even when `sanitize:true` is set. For example, `[xss link](vbscript:alert(1))` results in the creation of an `<a>` tag with the `vbscript` link.
**Recommendations**
Update to version 0.3.3 or later. As a temporary workaround, consider avoiding the use of `vbscript` tags in links until the issue is resolved.
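
A scheme allowlist is one way to check rendered link destinations for the case described above. This is an added example, not code from marked or from the advisory; `ALLOWED_SCHEMES`, the helper names and the sample HTML are assumptions constructed for illustration.

```javascript
// Added example: scheme allowlist for link destinations in rendered Markdown.
// ALLOWED_SCHEMES is an assumed policy; adjust it to what your pages need.
const ALLOWED_SCHEMES = new Set(["http", "https", "mailto"]);
const NAMED = { colon: ":", tab: "\t", newline: "\n", amp: "&" };

// Decode character references once, as a browser does for attribute values.
// Name matching is case-insensitive here, which only makes the check stricter.
function decodeEntities(s) {
  const re = /&(?:#x([0-9a-f]+)|#(\d+)|(colon|tab|newline|amp));?/gi;
  return s.replace(re, (match, hex, dec, name) => {
    if (name) return NAMED[name.toLowerCase()];
    const n = hex ? parseInt(hex, 16) : parseInt(dec, 10);
    return n <= 0x10ffff ? String.fromCodePoint(n) : "\ufffd";
  });
}

// Return the lowercased URI scheme, or null for a relative reference.
function linkScheme(href) {
  // Drop C0 controls and spaces before looking for the scheme.
  const cleaned = decodeEntities(String(href)).replace(/[\u0000-\u0020]/g, "");
  const m = /^([a-z][a-z0-9+.-]*):/i.exec(cleaned);
  return m ? m[1].toLowerCase() : null;
}

function isSafeHref(href) {
  const scheme = linkScheme(href);
  return scheme === null || ALLOWED_SCHEMES.has(scheme);
}

// List href values of <a> tags whose scheme is not allowlisted.
// The regex scan is for checking renderer output in tests, not a sanitizer.
function findUnsafeLinks(html) {
  const re = /<a\b[^>]*?\bhref\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
  const bad = [];
  for (const m of html.matchAll(re)) {
    const href = m[1] || m[2] || m[3] || "";
    if (!isSafeHref(href)) bad.push(href);
  }
  return bad;
}

// Constructed sample: the <a> tag the advisory describes, plus benign links.
const RENDERED =
  '<p><a href="vbscript:alert(1)">xss link</a> ' +
  '<a href="https://example.com/">ok</a> <a href="/docs/page">relative</a></p>';
console.log(findUnsafeLinks(RENDERED)); // [ 'vbscript:alert(1)' ]
```

Running `findUnsafeLinks` over the renderer's output in a regression test catches the `<a>` tag from the advisory regardless of which marked version produced it.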