2 matches found
XML Injection
Overview @xmldom/xmldom is a javascript ponyfill to provide the following APIs that are present in modern browsers to other runtimes. Since version 0.7.0 this package is published to npm as @xmldom/xmldom and no longer as xmldom Affected versions of this package are vulnerable to XML Injection vi...
XML Injection
Overview org.webjars.npm:xmldom is an A pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. Affected versions of this package are vulnerable to XML Injection via the createProcessingInstruction function. An attacker can inject arbitrary XML nodes into the...