CVE-2021-23974

The DOMParser API did not properly process '' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox 86...

Hardcoded credentials

The DOMParser API did not properly process '' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox 86...

UBUNTU-CVE-2021-23974

The DOMParser API did not properly process '' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox 86...

CVE-2021-23974

The DOMParser API did not properly process '' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox 86...

CVE-2021-23974

CVE-2021-23974 affects Mozilla Firefox earlier than version 86. The root cause is improper handling of elements by the DOMParser API, enabling a mXSS vector that could bypass HTML sanitizers. Affected/related advisories (e.g., MFSA2021-07) confirm the DOMParser issue among Firefox vulnerabilitie...

CVE-2021-23974

The DOMParser API did not properly process '' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox 86...

CVE-2021-23974

The DOMParser API did not properly process '' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox 86...

CVE-2021-23974

The DOMParser API did not properly process '' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox 86...

Cross-site Scripting(XSS)

firefox is vulnerable to cross-site scripting The DOMParser API did not properly process elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer...

Mozilla Firefox < 86.0

The version of Firefox installed on the remote Windows host is prior to 86.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-07 advisory. - Mozilla developers Tyson Smith, Lars T Hansen, Valentin Gosu, and Sebastian Hengst reported memory safety bugs present ...

Fedora 33 : python-lxml (2020-0e055ea503)

This update fixes mXSS security vulnerability due to the use of improper parser CVE-2020-27783 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

Fedora 32 : python-lxml (2020-307946cfb6)

This update fixes mXSS security vulnerability due to the use of improper parser CVE-2020-27783 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

CVE-2019-16728

Summary: CVE-2019-16728 affects DOMPurify prior to 2.0.1, enabling cross-site scripting via innerHTML mutation XSS (mXSS) in SVG or MATH elements, demonstrated in Chrome and Safari. Affected component: DOMPurify (HTML, MathML, SVG sanitization code). Root cause: improper handling of innerHTML mut...

Google Chrome < 62.0.3202.62 Multiple Vulnerabilities

Binary data 700346.pasl...

Cross-site Scripting (XSS)

dompurify is vulnerable to cross-site scripting vulnerability. It is possible because of a broken logical check in handling both the recent Safari DOMParser XSS and a Firefox mXSS...

Cross-site Scripting (XSS)

Overview angularjs is a Affected versions of this package are vulnerable to Cross-site Scripting XSS. This error occurs when $sanitize sanitizer tries to check the input for possible mXSS payload and the verification errors due to the input mutating indefinitely. This could be a sign that the...