BoostIO · Boostnote · CVE-2019-12136
**Name of the Vulnerable Software and Affected Versions**
BoostIO Boostnote version 0.11.15
**Description**
The vulnerability is a cross-site scripting (XSS) issue. It can be triggered through a label named `mermaid` by crafting the `SRC` attribute of an `IFRAME` element.
**Recommendations**
To prevent potential XSS exploitation in BoostIO Boostnote version 0.11.15, consider disabling the `mermaid` label functionality until a patch is available.
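The following audit script is an added example, not Boostnote code and not part of the original advisory. It lists every `iframe` `src` found inside `mermaid`-labelled blocks of a note, so existing notes can be reviewed while the label is disabled. It assumes the label is the info string of a Markdown fenced code block and matches it case-insensitively; the function names and the sample note are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Opening fence: up to 3 spaces, a run of 3+ backticks or tildes, then the label.
FENCE_OPEN = re.compile(r"^ {0,3}(`{3,}|~{3,})\s*([^\s`]*)")

class IframeFinder(HTMLParser):
    """Collects the src value of every <iframe> start tag fed to it."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        # html.parser lowercases tag and attribute names, so IFRAME/SRC match too.
        if tag == "iframe":
            self.sources.append(dict(attrs).get("src") or "")

def mermaid_blocks(markdown):
    """Yield (fence_line_number, body) for each fenced block labelled mermaid."""
    fence, label, start, body = None, "", 0, []
    for number, line in enumerate(markdown.splitlines(), 1):
        text = line.strip()
        if fence is None:
            opened = FENCE_OPEN.match(line)
            if opened:
                fence, label = opened.group(1), opened.group(2).lower()
                start, body = number, []
        elif text and set(text) == {fence[0]} and len(text) >= len(fence):
            if label == "mermaid":
                yield start, "\n".join(body)
            fence = None
        else:
            body.append(line)
    if fence is not None and label == "mermaid":  # unterminated fence runs to EOF
        yield start, "\n".join(body)

def find_mermaid_iframes(markdown):
    """Return [(fence_line_number, iframe_src), ...] for a note's Markdown text."""
    findings = []
    for start, body in mermaid_blocks(markdown):
        finder = IframeFinder()
        finder.feed(body)
        finder.close()
        findings.extend((start, src) for src in finder.sources)
    return findings

F = "`" * 3  # fence built at run time so this listing holds no literal fence line
SAMPLE_NOTE = "\n".join([  # constructed sample, not a real note
    "# Sample", F + "mermaid", "graph TD", "A-->B", F,
    F + "MERMAID", '<IFRAME SRC="https://example.invalid/frame"></IFRAME>', F,
    F + "html", '<iframe src="https://example.invalid/other"></iframe>', F])
print(find_mermaid_iframes(SAMPLE_NOTE))
```

Only the second block of the sample is reported: the first `mermaid` block holds a plain diagram, and the `html` block is outside the affected label.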