EEF-CVE-2026-53427

## Summary

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leandrocp MDEx allows stored or reflected cross-site scripting via attacker-controlled Markdown.

When syntax highlighting and full info-string forwarding (render: \[full\_info\_string: true\]) are enabled, the Lumis adapter copies the value of a code fence's highlight\_lines\_class info-string attribute, unescaped, into the class attribute of every rendered line. comrak\_nif::lumis\_adapter::LumisAdapter::parse\_custom\_attributes in native/comrak\_nif/src/lumis\_adapter.rs shlex-parses the info string and stores each key=value pair verbatim, highlight\_lines\_config pulls highlight\_lines\_class into the per-line class value, and write\_highlighted interpolates that value directly into the class attribute of the per-line <div>. A single-quoted shell token preserves an inner double quote through shlex parsing, so a value such as '"><script>alert(1)</script>' terminates the class attribute early and the markup that follows is emitted as live HTML.

An attacker who can submit Markdown (through comments, posts, wiki pages, documentation, or any user-generated content) can inject arbitrary HTML and JavaScript that runs in the browser of every user who views the rendered output, enabling session theft, account takeover, and other client-side attacks. No authentication or special privileges are required.

The vulnerable native code originally shipped inside mdex (in native/comrak\_nif/src/lumis\_adapter.rs) and was later extracted into the separate mdex\_native package (native/mdex\_native\_nif/src/lumis\_adapter.rs), where it remains unpatched.

This issue affects mdex from 0.11.3 before 0.12.3, and mdex\_native from 0.1.0 before 0.2.3.

## Workaround

Do not enable full info-string forwarding (render: \[full\_info\_string: true\]) when rendering untrusted Markdown, which prevents the highlight\_lines\_class attribute from reaching the highlighter. Alternatively, restrict highlight\_lines\_class values to a safe character set (for example \[A-Za-z0-9\_- \]) before rendering.

## Configuration

The vulnerable code path is only reachable when MDEx is configured with a syntax-highlighting formatter (for example syntax\_highlight: \[formatter: {:html\_inline, ...}\] or {:html\_linked, ...}) and with full info-string forwarding enabled (render: \[full\_info\_string: true\]). Full info-string forwarding is required for comrak to hand the highlight\_lines\_class attribute to the highlighter, so any application that uses the line-highlighting attributes already has it enabled.