CVE-2020-27176

Name of the Vulnerable Software and Affected Versions Mark Text versions prior to 0.16.3

Description The issue is related to Mutation XSS, which can lead to Remote Code Execution. It is associated with the "source code mode" feature, where HTML is parsed despite HTML support not being a primary function of the product.

Recommendations For Mark Text versions prior to 0.16.3, update to version 0.16.3 or later to resolve the issue. As a temporary workaround, consider disabling the "source code mode" feature until a patch is available. Restrict access to this feature to minimize the risk of exploitation.