Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability which allows attackers to perform remote code execution (RCE) via injecting a crafted payload into /lib/contentState/pasteCtrl.js.Referenceshttps://github.com/marktext/marktext/issues/2990https://github.com/marktext/marktext/pull/3002
