packagist league/commonmark 2.8.1
on PHP Packagist

7 hours ago

What's Changed

This is a security release to address an issue where DisallowedRawHtml can be bypassed, resulting in a possible cross-site scripting (XSS) vulnerability.

Fixed

  • Fixed DisallowedRawHtmlRenderer not blocking raw HTML tags with trailing ASCII whitespace (GHSA-4v6x-c7xx-hw9f)
  • Fixed PHP 8.5 deprecation (#1107)

New Contributors

Full Changelog: 2.8.0...2.8.1

Check out latest releases or
releases around league/commonmark 2.8.1

Don't miss a new commonmark release

NewReleases is sending notifications on new releases.

Get notifications