DOMPurify 2.0.1
- Fixed a bypass affecting latest Chrome, caused by a newly discovered Chrome mXSS vulnerability
- Added tests to cover implemented fixes
Credits go to Michał Bentkowski (@securityMB) of Securitum who spotted the bug in Chrome, turned it into a DOMPurify bypass, reported and helped verifying the fix.