HTMLRenderer.heading() builds the opening <hN> tag by string-concatenating the id attribute value directly into the HTML — with no call to escape(), safe_entity(), or any other sanitisation function. A double-quote character " in the id value terminates the attribute, allowing an attacker to inject arbitrary additional attributes (event handlers, src=, href=, etc.) into the heading element. The default TOC hook assigns safe auto-incremented IDs (toc_1, toc_2, …) that never contain …
The mistune math plugin renders inline math ($…$) and block math ($$…$$) by concatenating the raw user-supplied content directly into the HTML output without any HTML escaping. This occurs even when the parser is explicitly created with escape=True, which is supposed to guarantee that all user-controlled text is sanitised before reaching the DOM. The result is a silent contract violation: a developer who enables escape=True reasonably expects complete XSS protection, …
In src/mistune/directives/image.py, the render_figure() function concatenates figclass and figwidth options directly into HTML attributes without escaping (lines 152-168). This allows attribute injection and XSS even when HTMLRenderer(escape=True) is used, because these values bypass the inline renderer. Other attributes in the same file (src, alt, style) are properly escaped; figclass/figwidth were missed.
A ReDoS (Regular Expression Denial of Service) vulnerability in LINK_TITLE_RE allows an attacker who can supply Markdown for parsing to cause denial of service. A crafted 58-byte Markdown document blocks the parser for approximately 6 seconds (measured on Apple M2, Python 3.14.3), with exponential growth per additional byte pair.
Denial-of-Service (DoS) vulnerability in the Mistune Markdown parser. The issue occurs when processing specially crafted reference links, which can cause excessive parsing and CPU consumption, leading to application hangs. Function affected: parse_link_title() in helpers.py Issue: Malformed reference links cause excessive backtracking and parsing loops. Impact: Remote attackers can submit malicious Markdown to hang processes, causing service unavailability.
Denial-of-Service (DoS) vulnerability in the Mistune Markdown parser. The issue occurs when processing specially crafted reference links, which can cause excessive parsing and CPU consumption, leading to application hangs. Function affected: parse_link_title() in helpers.py Issue: Malformed reference links cause excessive backtracking and parsing loops. Impact: Remote attackers can submit malicious Markdown to hang processes, causing service unavailability.