KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\includegraphics` that runs arbitrary JavaScript, or generate invalid HTML. Upgrade to KaTeX v0.16.10 to remove this vulnerability.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-03-25T19:53:01.320Z

Updated: 2024-08-02T00:48:49.569Z

Reserved: 2024-03-07T14:33:30.036Z

Link: CVE-2024-28245

cve-icon Vulnrichment

Updated: 2024-08-01T15:39:47.585Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-25T20:15:08.370

Modified: 2024-11-21T09:06:05.163

Link: CVE-2024-28245

cve-icon Redhat

No data.