In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade justhtml to version 1.22.0 or higher.
justhtml is an A pure Python HTML5 parser that just works.
Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output in the to_markdown process. An attacker can inject malicious HTML or script into rendered Markdown by including a blank line within the text of a <code> element or a <pre> element inside a link, causing unescaped content to be interpreted as live HTML or Markdown when viewed by another user.