A vulnerability was found in lepture Mistune up to 3.2.x and classified as problematic. Affected by this vulnerability is the function
safe_url of the component HTMLRenderer. The manipulation results in HTML injection.
This vulnerability is identified as CVE-2026-59923. The attack can be executed remotely. There is not any exploit available.