Ecosystem	Package	Version

Vulnerabilities

sonatype-2025-004485

sonatype-2025-004485

prosemirror_to_html - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published Nov 9, 2025

https://github.com/advisories/GHSA-vfpf-xmwh-8m65 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/prosemirror_to_html/GHSA-vfpf-xmwh-8m65.yml https://osv-vulnerabilities.storage.googleapis.com/RubyGems/GHSA-vfpf-xmwh-8m65.json

CVSS ScoreHigh

7.6

Ecosystem	Package	Version


gem	prosemirror_to_html	0.1.0
gem	prosemirror_to_html	0.2.0

sonatype-2025-004485 | Components Impacted | Sonatype Guide | Sonatype Guide