Browse Security Advisories
Moderate Security Advisories for mermaid in npm
Moderate
about 3 years ago
Possible inject arbitrary `CSS` into the generated graph affecting the container HTML
npm
mermaid