Abhi-Ingle

**Name of the Vulnerable Software and Affected Versions** yzane vscode-markdown-pdf version 1.5.0 **Description** A problematic issue has been found in the Markdown File Handler component, leading to pathname traversal. The manipulation requires a local attack. The exploit has been disclosed to the public and may be used. **Recommendations** For yzane vscode-markdown-pdf version 1.5.0, consider disabling the Markdown File Handler component until a patch is available to prevent pathname traversal attacks. Restrict local access to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** yzane vscode-markdown-pdf version 1.5.0 **Description** A problematic issue was found in the software, affecting an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For yzane vscode-markdown-pdf version 1.5.0, consider disabling the functionality that leads to cross site scripting until a patch is available. Restrict access to the affected part of the software to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.