CVE-2024-47075

CVE-2024-47075 concerns LayUI, a native minimalist Web UI library. The vulnerability is a DOM Clobbering flaw in versions prior to 2.9.17 that can lead to Cross‑site Scripting (XSS) on pages containing attacker‑controlled HTML elements (e.g., img tags with unsanitized name attributes). The issue ...