Cure53 DOMPurify 2.0.1

CPE Details

Cure53 DOMPurify 2.0.1
2.0.1
2019-09-24
11h40 +00:00
2019-09-24
11h40 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cure53:dompurify:2.0.1:*:*:*:*:*:*:*

Informations

Vendor

cure53

Product

dompurify

Version

2.0.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-26870 2020-10-07 13h50 +00:00 Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.
6.1
Medium