league/commonmark Security Advisories for 0.17.0 (2)
-
[MEDIUM] XSS vulnerability with double-encoded entities
PKSA-nyyp-2pk1-frkz CVE-2019-10010 GHSA-3v43-877x-qgmq
Affected version: <0.18.3
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] XSS vulnerability with unsafe link protocols
PKSA-g6p7-7rfc-zbp2 CVE-2018-20583 GHSA-qx76-c53f-5c7q
Affected version: >=0.15.6,<0.18.1
Reported by:
GitHub, FriendsOfPHP/security-advisories