Ianxt

**Name of the Vulnerable Software and Affected Versions** GitBook versions 2.6.9 and earlier **Description** The issue allows for Cross-site Scripting (XSS) via a local .md file, potentially through javascript inclusion. This could be exploited by an attacker to execute malicious scripts on a user's browser. **Recommendations** For versions 2.6.9 and earlier, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.