Ekultek

Name of the Vulnerable Software and Affected Versions: cebe markdown parser versions 1.2.0 and earlier Description: The issue allows a maliciously crafted script to be executed, potentially resulting in the loss of user data and sensitive user information. This can be exploited by crafting a three backtick wrapped payload with a character in front, such as "```<script>alert();</script>```". Recommendations: For cebe markdown parser versions 1.2.0 and earlier, consider sanitizing user input to prevent malicious code execution until a fix is available. As a temporary workaround, restrict the use of the markdown parser for untrusted input to minimize the risk of exploitation.