22 matches found
uglifier incorrectly handles non-boolean comparisons during minification
The upstream library for the Ruby uglifier gem, UglifyJS, is affected by a vulnerability that allows a specially crafted Javascript file to have altered functionality after minification. This bug, found in UglifyJS versions 2.4.23 and earlier, was demonstrated to allow potentially malicious code ...
Cloudflare: Potential XSS vulnerability to HTML minification
I have already reported it through email but I was advised to post it here. Original request: https://support.cloudflare.com/hc/requests/166005 The issue --------- The HTML minification function optimizes the HTML content without validating the HTML syntax. In particular circumstances this may le...