Vulnerability DatabaseWS-2019-0025
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2019-0025
Published:May 14, 2026
Updated:May 14, 2026
Versions 0.3.7 and earlier of marked When mangling is disabled via option mangle don't escape target href are vulnerable to XSS, which allows an attacker to inject arbitrary code.
Affected Packages
marked (CDN_JS):
Affected version(s) >=0.0.1 <0.3.9
Fix Suggestion:
Update to version 0.3.9
tensorflow (CONDA):
Affected version(s) =0.7.1 <0.8.0
Fix Suggestion:
Update to version 0.8.0
notebook (CONDA):
Affected version(s) >=4.0.1 <5.3.1
Fix Suggestion:
Update to version 5.3.1
anvio-minimal (CONDA):
Affected version(s) >=5.2.0 <=7.1
Fix Suggestion:
Update to version no_fix
anvio (CONDA):
Affected version(s) >=2.3.2 <5.2.0
Fix Suggestion:
Update to version 5.2.0
notebook (CONDA):
Affected version(s) =5.5.0 <5.6.0
Fix Suggestion:
Update to version 5.6.0
ipython (CONDA):
Affected version(s) >=1.0.0 <4.0.0
Fix Suggestion:
Update to version 4.0.0
marked (NPM):
Affected version(s) >=0.0.1 <0.3.9
Fix Suggestion:
Update to version 0.3.9
polymer-iron-elements (NUGET):
Affected version(s) =1.0.0
Fix Suggestion:
Update to version no_fix
zchat (NUGET):
Affected version(s) >=1.0.0 <=1.0.1
Fix Suggestion:
Update to version no_fix
gnap.themes.web.gnap.angular (NUGET):
Affected version(s) >=0.22.0 <=1.1.0
Fix Suggestion:
Update to version no_fix
jsdoc (NUGET):
Affected version(s) >=3.4.0 <=4.3.0
Fix Suggestion:
Update to version no_fix
polymer-core-elements (NUGET):
Affected version(s) >=0.4.2 <=0.5.5
Fix Suggestion:
Update to version no_fix
autorest (NUGET):
Affected version(s) >=1.0.1 <=1.2.1
Fix Suggestion:
Update to version no_fix
angular-markdown-editor (NUGET):
Affected version(s) >=1.0.0 <=1.1.3
Fix Suggestion:
Update to version no_fix
raml.parser (NUGET):
Affected version(s) >=1.0.0 <1.0.7
Fix Suggestion:
Update to version 1.0.7
z4a-dotnet-scaffold (NUGET):
Affected version(s) >=1.0.0.1 <1.0.0.3
Fix Suggestion:
Update to version 1.0.0.3
midiator.webclient (NUGET):
Affected version(s) >=1.0.98 <1.0.105
Fix Suggestion:
Update to version 1.0.105
availablelight (NUGET):
Affected version(s) =1.0.7 <1.0.8
Fix Suggestion:
Update to version 1.0.8
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-dependabot/composer/composer/composer-1.10.23 <dev-fix_backup_encoding_v2
Fix Suggestion:
Update to version dev-fix_backup_encoding_v2
neos/neos-development-collection (PHP):
Affected version(s) =dev-bugfix/release_notes_52 <dev-analysis-a64drk
Fix Suggestion:
Update to version dev-analysis-a64drk
websix/xlsx-compiler (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
microweber/microweber (PHP):
Affected version(s) >=dev-Radanovn-patch-1 <1.0.2.x-dev
Fix Suggestion:
Update to version 1.0.2.x-dev
neos/neos-development-collection (PHP):
Affected version(s) =dev-mficzel-patch-1 <dev-task/eventstore-1.0
Fix Suggestion:
Update to version dev-task/eventstore-1.0
typo3/neos (PHP):
Affected version(s) =4.1.17 <4.1.18
Fix Suggestion:
Update to version 4.1.18
rcm/plugins (PHP):
Affected version(s) =dev-revert-480-master
Fix Suggestion:
Update to version no_fix
typo3/neos (PHP):
Affected version(s) >=dev-snyk-fix-6aecf4d1b66f9382c324a3900631c3a3 <1.0.1
Fix Suggestion:
Update to version 1.0.1
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) =v0.0.17 <0.0.18
Fix Suggestion:
Update to version 0.0.18
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-nNyQ4g <dev-analysis-vZQ04N
Fix Suggestion:
Update to version dev-analysis-vZQ04N
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-contact_from_email_providers <dev-custom_field_button
Fix Suggestion:
Update to version dev-custom_field_button
piksera/core (PHP):
Affected version(s) =dev-main
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=dev-analysis-M1j5K2 <dev-analysis-Vr1BA6
Fix Suggestion:
Update to version dev-analysis-Vr1BA6
typo3/neos (PHP):
Affected version(s) =4.1.7 <4.1.8
Fix Suggestion:
Update to version 4.1.8
arwp/main-master (PHP):
Affected version(s) >=dev-main <=v1.1.7
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) =dev-dependabot/bundler/Neos.Media.Browser/ffi-1.13.1 <dev-dependabot/bundler/Neos.Media.Browser/ffi-1.15.0
Fix Suggestion:
Update to version dev-dependabot/bundler/Neos.Media.Browser/ffi-1.15.0
neos/neos (PHP):
Affected version(s) =3.3.10 <3.3.11
Fix Suggestion:
Update to version 3.3.11
neos/neos (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/y18n-3.2.2 <dev-task/upmerges-83-90
Fix Suggestion:
Update to version dev-task/upmerges-83-90
neos/neos-development-collection (PHP):
Affected version(s) >=5.0.1 <dev-analysis-KoJJA6
Fix Suggestion:
Update to version dev-analysis-KoJJA6
greenpower/asset-bundle (PHP):
Affected version(s) =dev-develop
Fix Suggestion:
Update to version no_fix
lindelin/lindale (PHP):
Affected version(s) >=v1.4.15 <v1.5.5
Fix Suggestion:
Update to version v1.5.5
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) >=0.0.11 <0.0.17
Fix Suggestion:
Update to version 0.0.17
neos/neos-development-collection (PHP):
Affected version(s) >=4.0.1 <4.0.11
Fix Suggestion:
Update to version 4.0.11
neos/neos (PHP):
Affected version(s) =4.0.9 <4.0.10
Fix Suggestion:
Update to version 4.0.10
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-o72VmP <dev-feature/wallpaper-73
Fix Suggestion:
Update to version dev-feature/wallpaper-73
lindelin/lindale (PHP):
Affected version(s) =v1.6.6 <v1.6.7
Fix Suggestion:
Update to version v1.6.7
neos/neos (PHP):
Affected version(s) =3.2.9 <3.2.10
Fix Suggestion:
Update to version 3.2.10
typo3/neos (PHP):
Affected version(s) >=dev-docs-neos-ui <historic-1.0.0-alpha1
Fix Suggestion:
Update to version historic-1.0.0-alpha1
neos/neos-development-collection (PHP):
Affected version(s) =dev-replace-in-memory-sort <dev-revert-3411-bugfix/removeBrokenValidationAnnotation
Fix Suggestion:
Update to version dev-revert-3411-bugfix/removeBrokenValidationAnnotation
shaoyikai/api-doc (PHP):
Affected version(s) >=dev-develop <=v1.0.2
Fix Suggestion:
Update to version no_fix
typo3/neos (PHP):
Affected version(s) >=5.0.0 <5.0.1
Fix Suggestion:
Update to version 5.0.1
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) >=dev-add_custom_data_on_product <oop-preview
Fix Suggestion:
Update to version oop-preview
neos/neos-development-collection (PHP):
Affected version(s) =3.3.8 <3.3.9
Fix Suggestion:
Update to version 3.3.9
neos/neos-development-collection (PHP):
Affected version(s) =dev-task/changelog <dev-task/cleanup-doctrinedbaladapter
Fix Suggestion:
Update to version dev-task/cleanup-doctrinedbaladapter
themewizz/twz-plugin-manager-client-library (PHP):
Affected version(s) >=dev-main <5.0.3
Fix Suggestion:
Update to version 5.0.3
neos/neos (PHP):
Affected version(s) >=4.1.17 <4.2.1
Fix Suggestion:
Update to version 4.2.1
neos/neos (PHP):
Affected version(s) >=4.1.10 <4.1.16
Fix Suggestion:
Update to version 4.1.16
typo3/neos (PHP):
Affected version(s) =4.2.13 <4.2.14
Fix Suggestion:
Update to version 4.2.14
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-YO0xb0 <dev-analysis-ZlKnb0
Fix Suggestion:
Update to version dev-analysis-ZlKnb0
neos/neos-development-collection (PHP):
Affected version(s) >=dev-bugfix/neos-media-without-neos <dev-bugfix/node-service-template
Fix Suggestion:
Update to version dev-bugfix/node-service-template
neos/neos-development-collection (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/Neos.Neos/ini-1.3.7 <dev-dependabot/npm_and_yarn/Neos.Neos/json5-1.0.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Neos.Neos/json5-1.0.2
rami-awadallah/myhelpers (PHP):
Affected version(s) >=dev-master <=1.5.x-dev
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=3.1.4 <3.2.6
Fix Suggestion:
Update to version 3.2.6
bolt/bolt (PHP):
Affected version(s) =v3.2.11 <v3.2.12
Fix Suggestion:
Update to version v3.2.12
neos/neos (PHP):
Affected version(s) >=3.0.0 <3.0.3
Fix Suggestion:
Update to version 3.0.3
ilhanet/erpnet-widget-resource (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
neos/neos (PHP):
Affected version(s) =dev-docs-neos-ui <dev-feature/NodeUriPathSegmentGeneratorForDimension
Fix Suggestion:
Update to version dev-feature/NodeUriPathSegmentGeneratorForDimension
restaurare/ewlist (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=3.3.15 <dev-analysis-N4xo2r
Fix Suggestion:
Update to version dev-analysis-N4xo2r
neos/neos-development-collection (PHP):
Affected version(s) =dev-task/remove-old-code-migrations <dev-task/remove-performance-measure-commmands
Fix Suggestion:
Update to version dev-task/remove-performance-measure-commmands
neos/neos-development-collection (PHP):
Affected version(s) >=3.3.10 <3.3.14
Fix Suggestion:
Update to version 3.3.14
neos/neos-development-collection (PHP):
Affected version(s) >=4.0.12 <4.1.8
Fix Suggestion:
Update to version 4.1.8
jason-munro/cypht (PHP):
Affected version(s) >=dev-bp-get-client-issue <v1.0.0-rc1
Fix Suggestion:
Update to version v1.0.0-rc1
neos/neos (PHP):
Affected version(s) >=5.0.0 <5.0.7
Fix Suggestion:
Update to version 5.0.7
neos/neos (PHP):
Affected version(s) =3.2.1 <3.2.2
Fix Suggestion:
Update to version 3.2.2
neos/neos (PHP):
Affected version(s) =3.0.13 <3.0.14
Fix Suggestion:
Update to version 3.0.14
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-media_library_unsplash_update <dev-newsletter_module
Fix Suggestion:
Update to version dev-newsletter_module
neos/neos-development-collection (PHP):
Affected version(s) =dev-cascade-childevents <dev-catchRootNodeAdjustments
Fix Suggestion:
Update to version dev-catchRootNodeAdjustments
siezi/phile-admin-markdown-editor (PHP):
Affected version(s) >=dev-master <=2.0.0
Fix Suggestion:
Update to version no_fix
typo3/neos (PHP):
Affected version(s) =3.1.x-dev <3.1.1
Fix Suggestion:
Update to version 3.1.1
docit/core (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) >=1.0.8.x-dev <1.1.x-dev
Fix Suggestion:
Update to version 1.1.x-dev
visonforcoding/cakephp-wpadmin (PHP):
Affected version(s) >=dev-master <=0.1.4
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=dev-applied-migrations <dev-bugfix-disconnected-nodes-on-move
Fix Suggestion:
Update to version dev-bugfix-disconnected-nodes-on-move
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-9bl9MN <dev-analysis-9mBRn6
Fix Suggestion:
Update to version dev-analysis-9mBRn6
alirezab/admin-panel (PHP):
Affected version(s) >=1.0 <1.1
Fix Suggestion:
Update to version 1.1
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-5ZQZ3l <dev-analysis-5ZmxZv
Fix Suggestion:
Update to version dev-analysis-5ZmxZv
20steps/bricks-custom-acme-demo-angular-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/Neos.Neos/y18n-3.2.2 <dev-docs/range-editor
Fix Suggestion:
Update to version dev-docs/range-editor
neos/neos (PHP):
Affected version(s) >=3.0.7 <3.0.9
Fix Suggestion:
Update to version 3.0.9
websix/xlsx-compiler (PHP):
Affected version(s) >=1.1.0 <=1.1.3
Fix Suggestion:
Update to version no_fix
neos/neos (PHP):
Affected version(s) >=3.1.0 <3.1.3
Fix Suggestion:
Update to version 3.1.3
neos/neos (PHP):
Affected version(s) >=4.2.2 <4.3.10
Fix Suggestion:
Update to version 4.3.10
salimkamboh/yii2-angularjs (PHP):
Affected version(s) >=dev-main <=1.0
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) =3.0.x-dev <dev-analysis-BMJ3og
Fix Suggestion:
Update to version dev-analysis-BMJ3og
oburatongoi/productivity (PHP):
Affected version(s) >=0.1.0 <0.4.35
Fix Suggestion:
Update to version 0.4.35
kratos/kratos (PHP):
Affected version(s) =0.0.1 <0.0.1a
Fix Suggestion:
Update to version 0.0.1a
typo3/neos (PHP):
Affected version(s) =3.2.11 <3.2.12
Fix Suggestion:
Update to version 3.2.12
typo3/neos (PHP):
Affected version(s) >=4.2.5 <4.2.12
Fix Suggestion:
Update to version 4.2.12
reliv/rcm-plugins (PHP):
Affected version(s) =dev-revert-480-master
Fix Suggestion:
Update to version no_fix
arthurgroup/websitebuilder (PHP):
Affected version(s) =1.2.x-dev <dev-1.2-test-pm
Fix Suggestion:
Update to version dev-1.2-test-pm
neos/neos-development-collection (PHP):
Affected version(s) =dev-pr/2431 <dev-feature/3216-overhaul-routing
Fix Suggestion:
Update to version dev-feature/3216-overhaul-routing
typo3/neos (PHP):
Affected version(s) =3.0.x-dev <3.0.1
Fix Suggestion:
Update to version 3.0.1
dvlpp/sharp (PHP):
Affected version(s) >=1.0.0 <v1.3.28
Fix Suggestion:
Update to version v1.3.28
kayrules/solatjakim-api-site (PHP):
Affected version(s) =dev-master <dev-version-1.0
Fix Suggestion:
Update to version dev-version-1.0
typo3/neos (PHP):
Affected version(s) =4.2.x-dev <4.2.1
Fix Suggestion:
Update to version 4.2.1
typo3/neos (PHP):
Affected version(s) >=3.3.18 <3.3.23
Fix Suggestion:
Update to version 3.3.23
typo3/neos (PHP):
Affected version(s) >=3.3.26 <4.0.0
Fix Suggestion:
Update to version 4.0.0
ristorantino/install (PHP):
Affected version(s) =dev-ale-helpers-components <dev-master
Fix Suggestion:
Update to version dev-master
neos/neos (PHP):
Affected version(s) >=3.0.18 <3.0.20
Fix Suggestion:
Update to version 3.0.20
neos/neos-development-collection (PHP):
Affected version(s) =dev-task/rename-ts-to-fusion <dev-task/renameAfxNodeParser
Fix Suggestion:
Update to version dev-task/renameAfxNodeParser
typo3/neos (PHP):
Affected version(s) >=4.0.12 <4.0.17
Fix Suggestion:
Update to version 4.0.17
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-ZnrJvD <dev-analysis-ajWyxm
Fix Suggestion:
Update to version dev-analysis-ajWyxm
neos/neos-development-collection (PHP):
Affected version(s) >=3.2.7 <3.2.9
Fix Suggestion:
Update to version 3.2.9
typo3/neos (PHP):
Affected version(s) >=7.0.1 <7.0.3
Fix Suggestion:
Update to version 7.0.3
hoter/yii2-lepture-markdown (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
typo3/neos (PHP):
Affected version(s) >=7.0.7 <7.1.0
Fix Suggestion:
Update to version 7.1.0
lindelin/lindale (PHP):
Affected version(s) =v1.3.0 <v1.3.1
Fix Suggestion:
Update to version v1.3.1
neos/neos (PHP):
Affected version(s) =3.1.4 <3.1.5
Fix Suggestion:
Update to version 3.1.5
neos/neos-development-collection (PHP):
Affected version(s) >=3.0.18 <3.1.1
Fix Suggestion:
Update to version 3.1.1
neos/neos (PHP):
Affected version(s) =3.2.x-dev <dev-dependabot/npm_and_yarn/nanoid-3.2.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/nanoid-3.2.0
neos/neos (PHP):
Affected version(s) >=3.3.6 <3.3.8
Fix Suggestion:
Update to version 3.3.8
neos/neos (PHP):
Affected version(s) =3.3.14 <3.3.15
Fix Suggestion:
Update to version 3.3.15
typo3/neos (PHP):
Affected version(s) >=4.1.19 <4.2.0
Fix Suggestion:
Update to version 4.2.0
lindelin/lindale (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/url-parse-1.5.7 <v1.5.7
Fix Suggestion:
Update to version v1.5.7
bolt/bolt (PHP):
Affected version(s) =v3.2.7 <v3.2.8
Fix Suggestion:
Update to version v3.2.8
neos/neos (PHP):
Affected version(s) =3.0.16 <3.0.17
Fix Suggestion:
Update to version 3.0.17
neos/neos-development-collection (PHP):
Affected version(s) =dev-dfeyer-patch-2 <dev-feature/allow-eventstore-doctrineadabter-v2
Fix Suggestion:
Update to version dev-feature/allow-eventstore-doctrineadabter-v2
typo3/neos (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/y18n-3.2.2
Fix Suggestion:
Update to version no_fix
gfsdeliver/checkout (PHP):
Affected version(s) =2.0.0 <v2.0.4
Fix Suggestion:
Update to version v2.0.4
anomaly/markdown-field_type (PHP):
Affected version(s) =2.2.x-dev <v2.2.0
Fix Suggestion:
Update to version v2.2.0
neos/neos (PHP):
Affected version(s) =3.2.5 <3.2.6
Fix Suggestion:
Update to version 3.2.6
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-RvdWxp <dev-analysis-YOjolj
Fix Suggestion:
Update to version dev-analysis-YOjolj
neos/neos (PHP):
Affected version(s) >=4.0.12 <4.1.0
Fix Suggestion:
Update to version 4.1.0
orchestra/story (PHP):
Affected version(s) =3.1.x-dev <v3.1.0
Fix Suggestion:
Update to version v3.1.0
neos/neos (PHP):
Affected version(s) >=dev-snyk-fix-6aecf4d1b66f9382c324a3900631c3a3 <1.0.1
Fix Suggestion:
Update to version 1.0.1
neos/neos (PHP):
Affected version(s) >=3.3.18 <4.0.3
Fix Suggestion:
Update to version 4.0.3
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) =0.0.1 <0.0.2
Fix Suggestion:
Update to version 0.0.2
arthurgroup/websitebuilder (PHP):
Affected version(s) =1.1.7.x-dev <1.1.8.x-dev
Fix Suggestion:
Update to version 1.1.8.x-dev
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-unsplash_integration <dev-update_custom_fields_design
Fix Suggestion:
Update to version dev-update_custom_fields_design
soldotno/vanilla-enterprise-module (PHP):
Affected version(s) =dev-master <1.0
Fix Suggestion:
Update to version 1.0
neos/neos (PHP):
Affected version(s) =4.0.6 <4.0.7
Fix Suggestion:
Update to version 4.0.7
typo3/neos (PHP):
Affected version(s) >=5.3.5 <5.3.7
Fix Suggestion:
Update to version 5.3.7
orchestra/story (PHP):
Affected version(s) >=v3.1.1 <3.3.x-dev
Fix Suggestion:
Update to version 3.3.x-dev
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) =dev-contact_form_fix_sr-1 <1.0.2.x-dev
Fix Suggestion:
Update to version 1.0.2.x-dev
neos/neos (PHP):
Affected version(s) >=3.1.6 <3.1.9
Fix Suggestion:
Update to version 3.1.9
filsh/footable (PHP):
Affected version(s) =dev-bs3
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=7.0.1 <7.1.0
Fix Suggestion:
Update to version 7.1.0
dantleech/bolt-object-agent (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
neos/neos (PHP):
Affected version(s) =dev-master <dev-nodeCoverageRestoration
Fix Suggestion:
Update to version dev-nodeCoverageRestoration
laminas-api-tools/api-tools-documentation-swagger (PHP):
Affected version(s) =1.8.x-dev
Fix Suggestion:
Update to version no_fix
neos/neos (PHP):
Affected version(s) >=7.0.7 <7.1.0
Fix Suggestion:
Update to version 7.1.0
ijackua/yii2-lepture-markdown-editor-widget (PHP):
Affected version(s) >=dev-master <=1.0.0
Fix Suggestion:
Update to version no_fix
speixoto/yii2-polymer (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=3.0.1 <3.0.9
Fix Suggestion:
Update to version 3.0.9
neos/neos-development-collection (PHP):
Affected version(s) >=dev-bugfix/3258-no-exception-on-unresolvable-shortcuts <dev-bugfix/3432
Fix Suggestion:
Update to version dev-bugfix/3432
neos/neos-development-collection (PHP):
Affected version(s) =dev-verify-migrations-workaround <dev-workspaceAdjustments
Fix Suggestion:
Update to version dev-workspaceAdjustments
lindelin/lindale (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/path-parse-1.0.7 <v1.1.0
Fix Suggestion:
Update to version v1.1.0
kratos/kratos (PHP):
Affected version(s) =0.0.1b
Fix Suggestion:
Update to version no_fix
20steps/bricks-demo-angularjs (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
neos/neos (PHP):
Affected version(s) >=7.0.1 <7.0.4
Fix Suggestion:
Update to version 7.0.4
neos/neos-development-collection (PHP):
Affected version(s) =4.2.x-dev <4.2.1
Fix Suggestion:
Update to version 4.2.1
neos/neos-development-collection (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/Neos.Neos/node-sass-4.13.1 <dev-dependabot/npm_and_yarn/Neos.Neos/node-sass-7.0.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Neos.Neos/node-sass-7.0.0
neos/neos (PHP):
Affected version(s) >=5.3.8 <dev-dependabot/npm_and_yarn/node-sass-7.0.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/node-sass-7.0.0
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-b0jyMw <dev-analysis-0gN1mE
Fix Suggestion:
Update to version dev-analysis-0gN1mE
laminas-api-tools/api-tools-documentation-swagger (PHP):
Affected version(s) >=1.3.x-dev <1.5.0
Fix Suggestion:
Update to version 1.5.0
lindelin/lindale (PHP):
Affected version(s) >=v1.4.10 <v1.4.14
Fix Suggestion:
Update to version v1.4.14
neos/neos (PHP):
Affected version(s) >=3.3.3 <3.3.5
Fix Suggestion:
Update to version 3.3.5
lindelin/lindale (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/url-parse-1.5.10 <v1.6.2
Fix Suggestion:
Update to version v1.6.2
neos/neos-development-collection (PHP):
Affected version(s) =dev-php8 <8.0.1
Fix Suggestion:
Update to version 8.0.1
typo3/neos (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/yargs-parser-5.0.1 <5.0.2
Fix Suggestion:
Update to version 5.0.2
typo3/neos (PHP):
Affected version(s) >=5.0.3 <5.3.4
Fix Suggestion:
Update to version 5.3.4
lindelin/lindale (PHP):
Affected version(s) >=v1.4.5 <v1.4.7
Fix Suggestion:
Update to version v1.4.7
neos/neos-development-collection (PHP):
Affected version(s) >=4.2.2 <dev-analysis-KoxA5A
Fix Suggestion:
Update to version dev-analysis-KoxA5A
neos/neos-development-collection (PHP):
Affected version(s) =3.1.2 <3.1.3
Fix Suggestion:
Update to version 3.1.3
friendsofvictoire/markdown-widget (PHP):
Affected version(s) >=dev-master <=2.1.0
Fix Suggestion:
Update to version no_fix
uikit/uikit (PHP):
Affected version(s) =2.0.0 <dev-dependabot/npm_and_yarn/dev-dependencies-32e16465c2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/dev-dependencies-32e16465c2
microweber/microweber (PHP):
Affected version(s) =1.x-dev <1.0.x-dev
Fix Suggestion:
Update to version 1.0.x-dev
neos/neos (PHP):
Affected version(s) =4.0.4 <4.0.5
Fix Suggestion:
Update to version 4.0.5
lindelin/lindale (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/dns-packet-1.3.4 <v1.4.3
Fix Suggestion:
Update to version v1.4.3
dungphanxuan/yii2-lepture-editor (PHP):
Affected version(s) >=dev-master <=0.1
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) >=3.2.10 <3.3.7
Fix Suggestion:
Update to version 3.3.7
oburatongoi/productivity (PHP):
Affected version(s) >=0.0.9 <0.0.13
Fix Suggestion:
Update to version 0.0.13
typo3/neos (PHP):
Affected version(s) =3.0.9 <3.0.10
Fix Suggestion:
Update to version 3.0.10
neos/neos (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/ini-1.3.7 <2.0.0-RC1
Fix Suggestion:
Update to version 2.0.0-RC1
neos/neos (PHP):
Affected version(s) >=3.1.11 <3.2.0
Fix Suggestion:
Update to version 3.2.0
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-tests <dev-tg
Fix Suggestion:
Update to version dev-tg
neos/neos-development-collection (PHP):
Affected version(s) =dev-remove-typo3-replace <dev-task/replace-Typo3Neos
Fix Suggestion:
Update to version dev-task/replace-Typo3Neos
neos/neos-development-collection (PHP):
Affected version(s) >=dev-albe-fix-neos-users <dev-analysis-BMOoOg
Fix Suggestion:
Update to version dev-analysis-BMOoOg
labo/admin-bundle (PHP):
Affected version(s) =dev-amato <dev-boucherie
Fix Suggestion:
Update to version dev-boucherie
anomaly/markdown-field-type (PHP):
Affected version(s) =2.1.x-dev <v2.1.0
Fix Suggestion:
Update to version v2.1.0
neos/neos-development-collection (PHP):
Affected version(s) =dev-task/set-shortcut-default-to-parent <dev-task/speed-up-ci-run
Fix Suggestion:
Update to version dev-task/speed-up-ci-run
neos/neos-development-collection (PHP):
Affected version(s) >=dev-feature/show-asset-collection <dev-feature/simplify-command-handling
Fix Suggestion:
Update to version dev-feature/simplify-command-handling
lindelin/lindale (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/jquery-3.5.0 <4.0.0.x-dev
Fix Suggestion:
Update to version 4.0.0.x-dev
laminas-api-tools/api-tools-documentation-swagger (PHP):
Affected version(s) =1.7.0 <1.7.x-dev
Fix Suggestion:
Update to version 1.7.x-dev
neos/neos-development-collection (PHP):
Affected version(s) >=4.1.9 <4.2.0
Fix Suggestion:
Update to version 4.2.0
microweber/microweber (PHP):
Affected version(s) =dev-revert-797-master
Fix Suggestion:
Update to version no_fix
lambda/yii2-neon (PHP):
Affected version(s) >=dev-master <=0.1.1
Fix Suggestion:
Update to version no_fix
laminas-api-tools/api-tools-documentation-swagger (PHP):
Affected version(s) =1.5.x-dev <1.6.0
Fix Suggestion:
Update to version 1.6.0
sitegeist/nomenclator (PHP):
Affected version(s) =dev-feature/frontendAndStyle <dev-master
Fix Suggestion:
Update to version dev-master
neos/neos (PHP):
Affected version(s) >=3.2.12 <dev-dependabot/npm_and_yarn/nanoid-3.3.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/nanoid-3.3.1
dsheiko/extras (PHP):
Affected version(s) >=dev-master <=v1.0.3
Fix Suggestion:
Update to version no_fix
microweber/microweber (PHP):
Affected version(s) >=dev-account-manager <oop-preview
Fix Suggestion:
Update to version oop-preview
typo3/neos (PHP):
Affected version(s) =3.2.x-dev <dev-dependabot/npm_and_yarn/nanoid-3.2.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/nanoid-3.2.0
schumacherfm/markdown (PHP):
Affected version(s) >=v2.1.0-rc.3 <v2.2.0
Fix Suggestion:
Update to version v2.2.0
neos/neos-development-collection (PHP):
Affected version(s) >=3.0.10 <3.0.17
Fix Suggestion:
Update to version 3.0.17
typo3/neos (PHP):
Affected version(s) =4.0.x-dev <4.0.2
Fix Suggestion:
Update to version 4.0.2
typo3/neos (PHP):
Affected version(s) >=4.2.15 <4.3.3
Fix Suggestion:
Update to version 4.3.3
typo3/neos (PHP):
Affected version(s) =3.3.24 <3.3.25
Fix Suggestion:
Update to version 3.3.25
typo3/neos (PHP):
Affected version(s) =4.1.2 <4.1.3
Fix Suggestion:
Update to version 4.1.3
bolt/bolt (PHP):
Affected version(s) =v3.2.2 <v3.2.3
Fix Suggestion:
Update to version v3.2.3
neos/neos-development-collection (PHP):
Affected version(s) =dev-event-sourced <dev-feature/90/editPreviewModeSupport
Fix Suggestion:
Update to version dev-feature/90/editPreviewModeSupport
microweber/microweber (PHP):
Affected version(s) >=1.0.8.x-dev <1.1.x-dev
Fix Suggestion:
Update to version 1.1.x-dev
neos/neos (PHP):
Affected version(s) >=4.1.5 <4.1.8
Fix Suggestion:
Update to version 4.1.8
anomaly/markdown-field-type (PHP):
Affected version(s) =2.2.x-dev <v2.2.0
Fix Suggestion:
Update to version v2.2.0
neos/neos-development-collection (PHP):
Affected version(s) =dev-task/render-api-docs <dev-task/replace-workspace-and-contentstreamfinder
Fix Suggestion:
Update to version dev-task/replace-workspace-and-contentstreamfinder
arthurgroup/websitebuilder (PHP):
Affected version(s) >=1.0.8.x-dev <1.0.10.x-dev
Fix Suggestion:
Update to version 1.0.10.x-dev
etdsolutions/marked (PHP):
Affected version(s) >=dev-master <=0.3.5
Fix Suggestion:
Update to version no_fix
neos/neos (PHP):
Affected version(s) >=5.0.8 <5.3.4
Fix Suggestion:
Update to version 5.3.4
anomaly/markdown-field_type (PHP):
Affected version(s) =2.1.x-dev <v2.1.0
Fix Suggestion:
Update to version v2.1.0
typo3/neos (PHP):
Affected version(s) >=4.0.20 <4.1.1
Fix Suggestion:
Update to version 4.1.1
bolt/bolt (PHP):
Affected version(s) =v3.2.0 <v3.2.1
Fix Suggestion:
Update to version v3.2.1
kratos/kratos (PHP):
Affected version(s) =dev-master <0
Fix Suggestion:
Update to version 0
dvlpp/sharp (PHP):
Affected version(s) >=2.0.0 <2.0.4
Fix Suggestion:
Update to version 2.0.4
wardrobe/cabinet (PHP):
Affected version(s) =dev-master <dev-redactor
Fix Suggestion:
Update to version dev-redactor
typo3/neos (PHP):
Affected version(s) >=7.0.4 <7.0.6
Fix Suggestion:
Update to version 7.0.6
adrexia/flowchart (PHP):
Affected version(s) >=dev-false-fix-new-states <=1.0.x-dev
Fix Suggestion:
Update to version no_fix
bolt/bolt (PHP):
Affected version(s) =v3.2.13 <v3.2.14
Fix Suggestion:
Update to version v3.2.14
lindelin/lindale (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/bootstrap-select-1.13.6 <v2.0.1
Fix Suggestion:
Update to version v2.0.1
neos/neos (PHP):
Affected version(s) =3.3.16 <3.3.17
Fix Suggestion:
Update to version 3.3.17
typo3/neos (PHP):
Affected version(s) =4.3.4 <4.3.5
Fix Suggestion:
Update to version 4.3.5
neos/neos-development-collection (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/Neos.Neos/elliptic-6.5.4 <dev-dependabot/npm_and_yarn/Neos.Neos/hosted-git-info-2.8.9
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Neos.Neos/hosted-git-info-2.8.9
typo3/neos (PHP):
Affected version(s) =3.3.x-dev <3.3.1
Fix Suggestion:
Update to version 3.3.1
arthurgroup/websitebuilder (PHP):
Affected version(s) =1.1.10.x-dev <1.1.11.x-dev
Fix Suggestion:
Update to version 1.1.11.x-dev
neos/neos-development-collection (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/Neos.Media.Browser/npm-6.14.6 <dev-dependabot/npm_and_yarn/Neos.Media.Browser/path-parse-1.0.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Neos.Media.Browser/path-parse-1.0.7
neos/neos-development-collection (PHP):
Affected version(s) =dev-bwaidelich-patch-1 <dev-dfeyer-patch-1
Fix Suggestion:
Update to version dev-dfeyer-patch-1
neos/neos-development-collection (PHP):
Affected version(s) =dev-wp_overview <dev-zeroDimensionalUriPaths
Fix Suggestion:
Update to version dev-zeroDimensionalUriPaths
typo3/neos (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/ini-1.3.7 <2.0.0-RC1
Fix Suggestion:
Update to version 2.0.0-RC1
laraporto/laraporto (PHP):
Affected version(s) >=dev-master <=1.1.x-dev
Fix Suggestion:
Update to version no_fix
lindelin/lindale (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/axios-0.21.1 <v1.0.0
Fix Suggestion:
Update to version v1.0.0
typo3/neos (PHP):
Affected version(s) >=5.3.8 <dev-dependabot/npm_and_yarn/node-sass-7.0.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/node-sass-7.0.0
typo3/neos (PHP):
Affected version(s) =4.0.18 <4.0.19
Fix Suggestion:
Update to version 4.0.19
runcmf/runbb-ext-markitup (PHP):
Affected version(s) >=dev-master <=0.1.0
Fix Suggestion:
Update to version no_fix
lindelin/lindale (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/eventsource-1.1.1 <v1.1.5
Fix Suggestion:
Update to version v1.1.5
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-BMLM39 <dev-bugfix/relase_notes_52
Fix Suggestion:
Update to version dev-bugfix/relase_notes_52
neos/neos (PHP):
Affected version(s) >=3.0.4 <3.0.6
Fix Suggestion:
Update to version 3.0.6
sunra/angularjs-symfony2-bundle (PHP):
Affected version(s) >=dev-master <=v1.5.5
Fix Suggestion:
Update to version no_fix
neos/neos-development-collection (PHP):
Affected version(s) =dev-bugfix/sort_operation_return_type <dev-bugfix/stabilize-assetUsageProjection
Fix Suggestion:
Update to version dev-bugfix/stabilize-assetUsageProjection
schumacherfm/markdown (PHP):
Affected version(s) >=v2.0.0 <v2.1.0-rc.1
Fix Suggestion:
Update to version v2.1.0-rc.1
neos/neos (PHP):
Affected version(s) =4.1.x-dev <4.1.1
Fix Suggestion:
Update to version 4.1.1
typo3/neos (PHP):
Affected version(s) >=4.1.10 <4.1.16
Fix Suggestion:
Update to version 4.1.16
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-9mOoBn <dev-analysis-9mreo6
Fix Suggestion:
Update to version dev-analysis-9mreo6
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-admin_mobile <dev-admin_redesign
Fix Suggestion:
Update to version dev-admin_redesign
neos/neos-development-collection (PHP):
Affected version(s) =dev-analysis-PxWxDo <dev-analysis-RvGDRO
Fix Suggestion:
Update to version dev-analysis-RvGDRO
notebook (PYTHON):
Affected version(s) =5.5.0 <5.6.0
Fix Suggestion:
Update to version 5.6.0
ipython (PYTHON):
Affected version(s) >=1.0.0 <4.0.0
Fix Suggestion:
Update to version 4.0.0
notebook (PYTHON):
Affected version(s) >=4.0.1 <5.3.1
Fix Suggestion:
Update to version 5.3.1
Related Resources (2)
https://github.com/markedjs/marked/commit/cb72584c5d9d32ebfdbb99e35fb9b81af2b79686
https://github.com/markedjs/marked/issues/926
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
LOW
Subsequent System Integrity
LOW
Subsequent System Availability
NONE
CVSS v3
Base Score:
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE