2 matches found
Cross-site Scripting (XSS)
Overview dompurify is a DOM-only XSS sanitizer for HTML, MathML and SVG. Affected versions of this package are vulnerable to Cross-site Scripting XSS when sanitized HTML is reinserted into a new parsing context using innerHTML and special wrappers such as script, xmp, iframe, noembed, noframes, o...
SUSE CVE-2018-16428
In GNOME GLib 2.56.1, gmarkupparsecontextendparse in gmarkup.c has a NULL pointer dereference...