Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-h6p3-p4vx-wr8q: dompurify vulnerable to Cross-site Scripting

dompurify prior to version 2.2.3 is vulnerable to a cross-site scripting problem caused by nested headlines.

ghsa
Open in Source
#xss#git

dompurify vulnerable to Cross-site Scripting

Moderate severity GitHub Reviewed Published Jan 11, 2023

ghsa: Latest News

GHSA-xrrq-rrgq-h89w: static-alloc vulnerability leads to uninitialized read after allocating MemBump
ghsa