None · Simple-Markdown · CVE-2019-9844
**Name of the Vulnerable Software and Affected Versions**
simple-markdown versions prior to 0.4.4
**Description**
The issue is related to insufficient input sanitization, which allows Cross-Site Scripting (XSS) attacks. This can be exploited through input of links containing `data` or `vbscript` URIs and a base64-encoded payload.
**Recommendations**
Upgrade to version 0.4.4 or later.