Cure53 DOMPurify prior to 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.

Vulnerable Product |
---|
cure53 dompurify |
debian debian linux 9.0 |
microsoft visual studio 2017 15.9 |
microsoft visual studio 2019 16.0 |
microsoft visual studio 2019 16.4 |
microsoft visual studio 2019 16.8 |
microsoft visual studio 2019 16.7 |
oracle application express |