Cross-site Scripting in dompurify

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...

@5lions/library-registry-admin (=0.0.0), @adobe/helix-cli (>=3.0.0 <=5.2.0) +333 more potentially affected by CVE-2020-26870 via dompurify (>=0.6.6 <=2.0.15)

dompurify NPM version =0.6.6, =3.0.0, =2.2.0, =1.0.1, =0.6.0, =0.1.0, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.15.0, =0.7.3-dev, =0.7.3-dev, =0.7.8 - @atom-ide-community/nuclide-watchman-helpers =0.7.3-dev and more Source cves: CVE-2020-26870 Source advisory:...

GHSA-63Q7-H895-M982 Cross-site Scripting in dompurify

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...

Cross-site Scripting (XSS)

dompurify is vulnerable to Cross-Site ScriptingXSS. The vulnerability exists when converting from the SVG namespace, allowing an attacker to inject and execute arbitrary Javascript...

Internet Bug Bounty: DOMPurify bypass

A mutation based bypass exists in DOMPurify when sanitizing svg elements using almost the same technique described by Michał Bentkowski @SecurityMB at https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/. A PoC payload with the DOM state before and after parsin...

DLA-2419-1 dompurify.js - security update

Bulletin has no description...

Cross-Site Scripting (XSS)

dompurify is vulnerable to cross-site scripting XSS. A mutation XSS vulnerability exists as a serialize-parse roundtrip does not return the original DOM tree, causing a namespace change from HTML to MathML via FORM elements...

CVE-2020-26870

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...

CVE-2020-26870

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...

Session fixation

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...

UBUNTU-CVE-2020-26870

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...

CVE-2020-26870

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...

CVE-2020-26870

Removed by vendor...

CVE-2020-26870

CVE-2020-26870 affects DOMPurify up to 2.0.16/2.0.17, where a serialize-parse roundtrip can alter the DOM (namespace changes HTML→MathML, e.g., nesting FORM elements), enabling a mutation XSS. The issue is documented by Cure53 and linked analyses; a fix was released with DOMPurify 2.0.17. Related...

CVE-2020-26870

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...

GHSA-MJJQ-C88Q-QHR6 Cross-Site Scripting in dompurify

Versions of dompurify prior to 2.0.7 are vulnerable to Cross-Site Scripting XSS. It is possible to bypass the package sanitization through Mutation XSS, which may allow an attacker to execute arbitrary JavaScript in a victim's browser. Recommendation Upgrade to version 2.0.7 or later...

@5lions/library-registry-admin (=0.0.0), @adobe/helix-cli (>=3.0.0 <=5.2.0) +366 more potentially affected by unknown CVE via dompurify (>=0.6.6 <=2.0.5)

dompurify NPM version =0.6.6, =3.0.0, =2.2.0, =0.0.2, =1.0.1, =0.6.0, =0.1.0, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.15.0, =0.7.3-dev, =0.7.3-dev, =0.7.8 and more Source cves: unknown CVE Source advisory: OSV:GHSA-MJJQ-C88Q-QHR6...

Cross-Site Scripting in dompurify

Versions of dompurify prior to 2.0.7 are vulnerable to Cross-Site Scripting XSS. It is possible to bypass the package sanitization through Mutation XSS, which may allow an attacker to execute arbitrary JavaScript in a victim's browser. Recommendation Upgrade to version 2.0.7 or later...

@5lions/library-registry-admin (=0.0.0), @adobe/helix-cli (>=3.0.0 <=5.2.0) +358 more potentially affected by CVE-2019-16728 via dompurify (>=0.6.6 <=2.0.2)

dompurify NPM version =0.6.6, =3.0.0, =2.2.0, =1.0.1, =0.6.0, =0.1.0, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.15.0, =0.7.3-dev, =0.7.3-dev, =0.7.8 - @atom-ide-community/nuclide-watchman-helpers =0.7.3-dev and more Source cves: CVE-2019-16728 Source advisory:...

Cross-Site Scripting in dompurify

Versions of dompurify prior to 2.0.3 are vulnerable to Cross-Site Scripting XSS. The package has an XSS filter bypass due to Mutation XSS in both Chrome and Safari through a combination of / elements and /. An example payload is: ". This allows attackers to bypass the XSS protection and execute...