jacobwhall / marktext

fork of marktext, seeking to modernize our favorite markdown editor
MIT License
124 stars 3 forks source link

Fix security vulnerability CVE-2023-2318 #8

Closed jacobwhall closed 1 year ago

jacobwhall commented 1 year ago

Resolves #5

This PR includes work by @Teloshav.

Please see the issue linked above for more information. There is a related issue and PR in the upstream repository that I don't want to spam by referencing more than once.

sigaloid commented 1 year ago

Can confirm via yarn dev and the testing website referenced that it fixes the vulnerability.

jacobwhall commented 1 year ago

@sigaloid oh hey, a fellow W&M geospatial researcher!

Thanks for helping test this fix, merging now

sigaloid commented 1 year ago

I've heard great things about you from Dr. White over in the CGA! Avid user of your OSM contributions as well :smile: glad to help!

Teloshav commented 1 year ago

Not sure if it was caused by my fix or not, but copying and pasting links didn't work with my fix, chances are what changes @jacobwhall made to my initial commit fixed it but I have no clue nor time to check.