CVE-2025-43954

Published April 20th, 2025

View on NVD ↗

CVSS v3

4.9

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

QMarkdown (aka quasar-ui-qmarkdown) before 2.0.5 allows XSS via headers even when when no-html is set.

quasarframework/quasar-ui-qmarkdown

A Quasar UI App Extension to display inline markdown

GitHub

172