Vulnerabilities

CVE-2019-16728

by Fred · 24/09/2019

DOMPurify before 2.0.1 allows XSS because of innerHTML mutation XSS (mXSS) for an SVG element or a MATH element, as demonstrated by Chrome and Safari.

Date published : 2019-09-24

Write-up of DOMPurify 2.0.0 bypass using mutation XSS

https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html

Similar

Tags: Cybersecurity Alert