Skip to content

1.0.27

Choose a tag to compare

@ratava ratava released this 10 Mar 20:25

1.0.27 Security Hardening Fixes

  • XSS via SVG injection (sanitization + validation)
  • URL manipulation leading to XSS (URL validation + protocol blocking)
  • Insufficient input sanitization (comprehensive validation)
  • DOM-based XSS risks (HTML escaping helpers)
  • Configuration validation (type checking + bounds)
  • Prototype pollution risks (dangerous key blocking)
  • Resource exhaustion (rate limiting)