2021-08-08 05:10:53
mitre
PUBLISHED
An issue was discovered in the comrak crate before 0.10.1 for Rust. It mishandles & characters, leading to XSS via &# HTML entities.