6 matches found
SUSE CVE-2026-34601
xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...
CVE-2026-34601
A flaw was found in xmldom. A remote attacker can exploit this by inserting specific character sequences, known as the CDATA Character Data terminator , into a CDATASection node. When the XML is serialized, these sequences are not properly handled, allowing them to be interpreted as active XML...
DEBIAN-CVE-2026-34601
xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...
CVE-2026-34601
xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...
CVE-2026-34601
xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...
PT-2026-29497
Name of the Vulnerable Software and Affected Versions xmldom versions 0.6.0 and prior, and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9 Description The xmldom library contains a flaw where attacker-controlled strings including the CDATA terminator can be inserted into a CDATASection node...