
CVE-2025-24981 – Parsed HTML anchor links in Markdown provided to parseMarkdown can result in XSS in @nuxtjs/mdc
https://notcve.org/view.php?id=CVE-2025-24981
06 Feb 2025 — MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component. In affected versions, unsafe parsing logic of the URL from Markdown can lead to arbitrary JavaScript code execution due to a bypass of the existing guards around the `javascript:` protocol scheme in the URL. The parsing logic implemented in `props.ts` maintains a deny-list approach to filtering potentially malicious payloads. It does so by matching protocol schemes like `javascript:` and others. These security guards can be ... • https://github.com/nuxt-modules/mdc/blob/main/src/runtime/parser/utils/props.ts#L16 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
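
An allow-list alternative to the deny-list matching described above, as an added example (not code from MDC or its `props.ts`). The function names, the set of permitted schemes and the placeholder base URL are assumptions.

```javascript
// Added example: allow-list check for anchor hrefs (hypothetical helpers).
// Assumed policy: only these schemes may appear in a rendered link.
const ALLOWED_PROTOCOLS = new Set(["http:", "https:", "mailto:"]);

// Constructed base, used only to resolve relative links; never emitted.
const BASE = "https://placeholder.invalid/";

// Returns true only when the href resolves to an allow-listed scheme.
// The WHATWG URL parser normalizes the scheme the same way a browser
// does (case-folding, stripping surrounding whitespace), so the check
// sees the scheme that will be acted on rather than matching raw text.
function isSafeHref(raw) {
  if (typeof raw !== "string") return false;
  let url;
  try {
    url = new URL(raw, BASE); // relative links inherit https: from BASE
  } catch {
    return false; // unparseable values are rejected, not passed through
  }
  return ALLOWED_PROTOCOLS.has(url.protocol);
}

// Returns a copy of the props with href removed when it fails the check.
// Call this on the final attribute value, after every decoding step.
function sanitizeAnchorProps(props) {
  const { href, ...rest } = props;
  return isSafeHref(href) ? { ...rest, href } : rest;
}

// Constructed sample inputs.
const samples = [
  "https://example.com/docs",
  "/guide/intro",
  "#usage",
  "mailto:team@example.com",
  "javascript:alert(1)",
  "JavaScript:alert(1)",
  "data:text/html,hello",
];
for (const s of samples) {
  console.log(JSON.stringify(s), "=>", isSafeHref(s));
}
```

Unknown schemes fail closed here, so a scheme the policy never anticipated is rejected without anyone having to add it to a list.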