CVE-2023-30792

Name of the Vulnerable Software and Affected Versions Lexical versions prior to 0.10.0

Description The issue allows cross-site scripting on link clicks when input is being parsed from untrusted sources, due to href attributes in anchor tags rendering javascript: URLs.

Recommendations For versions prior to 0.10.0, update to version 0.10.0 or later to resolve the issue. As a temporary workaround, consider restricting the parsing of input from untrusted sources to minimize the risk of exploitation.