CVE-2025-54881
Published
CVSS v3
N/A
CVSS v2
N/A
Affected
1
PROJECT
Description
Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration of mermaid 10.9.0-rc.1 to 11.9.0, user supplied input for sequence diagram labels is passed to innerHTML during calculation of element size, causing XSS.
Generation of diagrams like flowcharts or sequence diagrams from text in a similar manner as markdown
GitHub