2 matches found
XML Injection
Overview xmldom is an A pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. Affected versions of this package are vulnerable to XML Injection due to unvalidated comment serialization. When an application uses the package to create an XML comment from...
CLSA-2022-1667512639 Fix CVE(s): CVE-2016-3709
SECURITY UPDATE: Possible cross-site scripting vulnerability in libxml2 - debian/patches/CVE-2016-3709.patch: Revert commit 960f0e27 that has some problems - CVE-2016-3709 Fix parser termination from "Double hyphen within comment" error...