Stay up to date on releases
Create your free account today to subscribe to this repository for notifications about new releases, and build software alongside 40 million developers on GitHub.
Sign up for free See pricing for teams and enterprises
- Fixed a bypass affecting latest Chrome, caused by a newly discovered Chrome mXSS vulnerability
- Added tests to cover implemented fixes
Credits go to Michał Bentkowski (@securityMB) of Securitum who spotted the bug in Chrome, turned it into a DOMPurify bypass, reported and helped verifying the fix.