CVE-2026-40201

@diplodoc/search-extension 1.0.0 through 3.x before 3.0.3 allows stored XSS via the title in a .md file.

medium 5.4 CVSS 3.1

Published: May 1, 2026

Modified: May 1, 2026

Description

@diplodoc/search-extension 1.0.0 through 3.x before 3.0.3 allows stored XSS via the title in a .md file.

References