CVE-2024-56082

Published
View on NVD ↗
CVSS v3
3.5
LOW
CVSS v2
N/A
Affected
2
PROJECTS

Description

ChatBar.tsx in Lumos before 1.0.17 parses raw HTML in Markdown because the markdown-to-jsx package is used without disableParsingRawHTML set to true.

quantizor/markdown-to-jsx
quantizor/markdown-to-jsx
A very fast and versatile markdown toolchain. Output to AST, React, React Native, SolidJS, Vue, HTML, and more!
GitHubGitHub
2.37K
andrewnguonly/Lumos
andrewnguonly/Lumos
A RAG LLM co-pilot for browsing the web, powered by local LLMs
GitHubGitHub
1.51K