CVE-2025-27108

dom-expressions is a Fine-Grained Runtime for Performant DOM Rendering. In affected versions the use of javascript's .replace opens up to potential Cross-site Scripting XSS vulnerabilities with the special replacement patterns beginning with $. Particularly, when the attributes of Meta tag from...

PT-2025-7633 · Unknown · Dom-Expressions

Name of the Vulnerable Software and Affected Versions: dom-expressions versions prior to 0.39.5 Description: The issue arises from the use of JavaScript's .replace function, which opens up to potential Cross-site Scripting XSS vulnerabilities with special replacement patterns beginning with $...