Reapply "Merge pull request #5 from AikidoSec/test-pr-5"

This reverts commit 180428b.

Author: SemProvoost

input/new.json

@@ -1,22 +1,31 @@
 {
-  "package_name": "",
-  "patch_versions": [],
-  "vulnerable_ranges": [],
-  "cwe": [],
-  "tldr": "",
-  "doest_this_affect_me": "",
-  "how_to_fix": "",
-  "reporter": "",
-  "vulnerable_to": "",
-  "related_cve_id": "",
-  "language": "",
-  "severity_class": "",
-  "aikido_score": 0,
-  "changelog": "",
-  "package_name_alias": null,
-  "package_wildcard_ends_in": null,
-  "package_wildcard_contains": null,
-  "extra_specific_non_vulnerable_versions": null,
-  "unaffected_distros": null,
-  "simplify_version_if_has_patch_part": false
-}
+    "package_name": "@tiptap/extension-link",
+    "patch_versions": [
+        "2.10.4"
+    ],
+    "vulnerable_ranges": [
+        [
+            "2.0.0",
+            "2.10.3"
+        ]
+    ],
+    "cwe": [
+        "CWE-79"
+    ],
+    "tldr": "Affected versions of this package do not validate link protocols before setting or toggling links, making them vulnerable to Cross-site Scripting (XSS). Attackers can exploit this flaw to inject malicious scripts, potentially compromising user data or executing unauthorized actions.",
+    "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
+    "how_to_fix": "Upgrade the `@tiptap/extension-link` library to the patch version.",
+    "reporter": "",
+    "vulnerable_to": "Cross-site Scripting (XSS)",
+    "related_cve_id": "",
+    "language": "JS",
+    "severity_class": "MEDIUM",
+    "aikido_score": 46,
+    "changelog": "https://github.com/ueberdosis/tiptap/releases/tag/v2.10.4",
+    "package_name_alias": null,
+    "package_wildcard_ends_in": null,
+    "package_wildcard_contains": null,
+    "extra_specific_non_vulnerable_versions": null,
+    "unaffected_distros": null,
+    "simplify_version_if_has_patch_part": false
+}