showdown@1.4.0 vulnerabilities

A Markdown to HTML converter written in Javascript

Direct Vulnerabilities

Known vulnerabilities in the showdown package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • L
Reverse Tabnabbing

showdown is a JavaScript Markdown to HTML converter.

Affected versions of this package are vulnerable to Reverse Tabnabbing. ​due to the usage of target="_blank" without also adding rel="noopener noreferrer".

How to fix Reverse Tabnabbing?

Upgrade showdown to version 1.9.1 or higher.

<1.9.1