PT-2023-1353 · Dompdf +2 · Dompdf +2
Name of the Vulnerable Software and Affected Versions: Dompdf versions prior to 2.0.3 Description: The issue arises from the difference in attribute parsing between Dompdf and php-svg-lib, allowing an attacker to call arbitrary URLs with arbitrary protocols. Dompdf respects the xlink:href attribu...