CVE-2026-44898 | lepture mistune up to 3.2.0 Python Markdown Parser render_toc_ul ID cross site scripting (GHSA-6269-cqxg-mhhv)

A vulnerability was found in lepture mistune up to 3.2.0 and classified as problematic. Impacted is the function render_toc_ul of the component Python Markdown Parser. Such manipulation of the argument ID leads to cross site scripting.

This vulnerability is referenced as CVE-2026-44898. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More