xmldom is vulnerable to XML injection. The library correctly escapes special characters when serializing elements removed from their ancestor, potentially leading to unexpected syntactic changes during XML processing.
CPE | Name | Operator | Version |
---|---|---|---|
xmldom | le | 0.6.0 | |
xmldom | eq | 0.1.16 | |
node-xmldom:sid | eq | 0.1.27+ds-1 | |
node-xmldom:sid | eq | 0.4.0-2 | |
xmldom | le | 0.6.0 | |
xmldom | eq | 0.1.16 | |
node-xmldom:sid | eq | 0.1.27+ds-1 | |
node-xmldom:sid | eq | 0.4.0-2 |