26 matches found
CVE-2026-41240
DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions prior to 3.4.0 have an inconsistency between FORBIDTAGS and FORBIDATTR handling when function-based ADDTAGS is used. Commit c361baa added an early exit for FORBIDATTR at line 1214. The same fix was not...
CVE-2026-40301
DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7.3+. Prior to version 1.0.10, DOMSanitizer::sanitize allows...
CVE-2026-40301 rhukster/dom-sanitizer: SVG <style> tag allows CSS injection via unfiltered url() and @import directives
DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7.3+. Prior to version 1.0.10, DOMSanitizer::sanitize allows elements in SVG content but never inspects their text content. CSS url references and @import rules pass through unfiltered, causing the browser to issue HTTP requests to...
CVE-2026-40301
DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7.3+. Prior to version 1.0.10, DOMSanitizer::sanitize allows...
CVE-2026-40301
Summary of CVE-2026-40301 : The PHP library rhukster/dom-sanitizer (and related advisories) contains a flaw prior to version 1.0.10 where DOMSanitizer::sanitize() does not inspect the text content of elements inside SVG. As a result, CSS rules using url() and @import can reference attacker-contr...
Cross-site Scripting (XSS)
Overview rhukster/dom-sanitizer is an a simple but effective DOM/SVG/MathML Sanitizer for PHP 7.4+. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the sanitize process. An attacker can cause the browser to send HTTP requests to attacker-controlled hosts, exfiltrat...
GHSA-93VF-569F-22CQ rhukster/dom-sanitizer: SVG <style> tag allows CSS injection via unfiltered url() and @import directives
Summary DOMSanitizer::sanitize allows elements in SVG content but never inspects their text content. CSS url references and @import rules pass through unfiltered, causing the browser to issue HTTP requests to attacker-controlled hosts when the sanitized SVG is rendered. Details In...
rhukster/dom-sanitizer: SVG <style> tag allows CSS injection via unfiltered url() and @import directives
Summary DOMSanitizer::sanitize allows elements in SVG content but never inspects their text content. CSS url references and @import rules pass through unfiltered, causing the browser to issue HTTP requests to attacker-controlled hosts when the sanitized SVG is rendered. Details In...
PT-2026-32980
Summary DOMSanitizer::sanitize allows elements in SVG content but never inspects their text content. CSS url references and @import rules pass through unfiltered, causing the browser to issue HTTP requests to attacker-controlled hosts when the sanitized SVG is rendered. Details In...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the handling of internationalized attribute bindings. An attacker can execute arbitrary scripts in the context of the application by injecting malicious input into attributes such as href, src, or similar, wh...
Cross-site Scripting (XSS)
Overview @angular/core is a package that lets you write client-side web applications as if you had a smarter browser. It also lets you use HTML as your template language and lets you extend HTML’s syntax to express your application’s components clearly and succinctly. Affected versions of this...
EUVD-2020-7663
Malware in sbrugna...
CentOS 7 : firefox (RHSA-2020:4080)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4080 advisory. - In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds...
CentOS 6 : firefox (RHSA-2020:3835)
The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3835 advisory. - Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption an...
CVE-2023-49146
DOMSanitizer aka dom-sanitizer before 1.0.7 allows XSS via an SVG document because of mishandling of comments and greedy regular expressions...
NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2021-0018)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities: - In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition...
CVE-2020-15676
CVE-2020-15676 affects Firefox (and related Mozilla products) where the onload handler for SVG elements could run after the DOM sanitizer removed content, enabling JavaScript execution when pasting attacker-controlled data into a contenteditable area. Affected versions: Firefox < 81, Thunderbi...
CVE-2020-15676
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...
Mozilla: XSS when pasting attacker-controlled data into a contenteditable element
The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...
Mozilla: XSS when pasting attacker-controlled data into a contenteditable element
The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...