Whoisoo6

**Name of the Vulnerable Software and Affected Versions** Typora versions 1.0.0 through 1.7 **Description** The issue is related to a cross-site scripting (XSS) vulnerability in the Markdown editor, which allows attackers to execute arbitrary code by uploading Markdown files. **Recommendations** For versions 1.0.0 through 1.7, consider disabling the Markdown file upload feature until a patch is available. Restrict access to the Markdown editor to minimize the risk of exploitation. Avoid using the affected Markdown editor until the issue is resolved.