Intel

AIKIDO-2026-337213

@milkdown/components is vulnerable to Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.
Published Today

54

Medium Risk

This Affects:

JS@milkdown/components
7.4.0 - 7.21.2
Fixed in 7.21.3
Are you affected? Scan for Free

TL;DR

The link-tooltip preview renders the stored link href into a real clickable anchor that lives outside the contenteditable area, and the edit tooltip's DOMPurify.sanitize(href) call only sanitizes HTML markup rather than bare URL strings, so a javascript: scheme passes through unchanged. A stored unsafe-scheme link therefore becomes a directly clickable script sink in the tooltip UI. The fix applies the sanitizeLinkHref scheme allowlist to the preview anchor and replaces the ineffective sanitizer in the edit tooltip, adding rel="noopener noreferrer". The original URL is still displayed as inert text.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range, integrate the link-tooltip component, and display or edit links whose href values can come from untrusted content.

Background info

@milkdown/components is vulnerable to Cross-Site Scripting (XSS) in versions 7.4.0 - 7.21.2.

How to fix this

Upgrade the @milkdown/components library to the patch version.