dompurify vulnerable to Cross-site Scripting
Moderate severity
GitHub Reviewed
Published
Jan 11, 2023
to the GitHub Advisory Database
Description
Published to the GitHub Advisory Database
Jan 11, 2023
Reviewed
Jan 11, 2023
dompurify prior to version 2.2.3 is vulnerable to a cross-site scripting problem caused by nested headlines.
References