Marky version 0.0.1 suffers from a cross site scripting vulnerability that can lead to remote code execution.