FLAT-JP2ZY (CVE-2026-47423)
Reflected cross-site scripting (XSS) In dompurify
6.5
Medium
Ecosystem: Npm
Package: dompurify
FLAT-HOA76 (CVE-2026-41239)
Reflected cross-site scripting (XSS) In node-dompurify
5.9
Medium
Ecosystem: Debian
Package: node-dompurify
FLAT-IBKC7 (CVE-2026-41240)
Reflected cross-site scripting (XSS) In node-dompurify
2.3
Low
Ecosystem: Debian
Package: node-dompurify
FLAT-6YQL7 (CVE-2026-41238)
Prototype Pollution In node-dompurify
4.0
Medium
Ecosystem: Debian
Package: node-dompurify
FLAT-GWP3J (GHSA-39q2-94rc-95cp)
Insecure functionality In dompurify
1.3
Low
Ecosystem: Npm
Package: dompurify
FLAT-RQ2RR (GHSA-cjmm-f4jc-qw8r)
Improper resource allocation In dompurify
1.3
Low
Ecosystem: Npm
Package: dompurify
FLAT-BCE3W (GHSA-cj63-jhhr-wcxv)
Prototype Pollution In dompurify
1.3
Low
Ecosystem: Npm
Package: dompurify
FLAT-N3GBE (GHSA-h8r8-wccr-v5f2)
Reflected cross-site scripting (XSS) In dompurify
2.7
Low
Ecosystem: Npm
Package: dompurify
FLAT-V6BX7 (CVE-2026-0540)
Reflected cross-site scripting (XSS) In dompurify
1.2
Low
Ecosystem: Npm
Package: dompurify
FLAT-MBX0F (CVE-2025-15599)
Reflected cross-site scripting (XSS) In dompurify
1.2
Low
Ecosystem: Npm
Package: dompurify
FLAT-SYSEI (CVE-2025-48050)
Lack of data validation - Path Traversal In node-dompurify
2.7
Low
Ecosystem: Debian
Package: node-dompurify
FLAT-04RHB (CVE-2025-26791)
Reflected cross-site scripting (XSS) In dompurify
0.5
Low
Ecosystem: Npm
Package: dompurify
FLAT-MSZOW (DSA-5790-1)
Server side cross-site scripting In node-dompurify
1.3
Low
Ecosystem: Debian
Package: node-dompurify
FLAT-M0UGY (CVE-2024-47875)
Reflected cross-site scripting (XSS) In dompurify
4.8
Medium
Ecosystem: Npm
Package: dompurify
FLAT-S3SAZ (MAL-2024-9052)
Use of software with malware In express-dompurify
5.2
Medium
Ecosystem: Npm
Package: express-dompurify
FLAT-99N8L (CVE-2024-45801)
Prototype Pollution In dompurify
4.9
Medium
Ecosystem: Npm
Package: dompurify
FLAT-2TXOA (CVE-2019-25155)
Uncontrolled external site redirect In dompurify
1.3
Low
Ecosystem: Npm
Package: dompurify
FLAT-JX864 (GHSA-h6p3-p4vx-wr8q)
Reflected cross-site scripting (XSS) In dompurify
1.3
Low
Ecosystem: PyPI
Package: dompurify
FLAT-9BAYJ (GHSA-pgjv-jrg2-gq3v)
Reflected cross-site scripting (XSS) In dompurify
1.3
Low
Ecosystem: PyPI
Package: dompurify
FLAT-7MX4X (CVE-2020-26870)
Reflected cross-site scripting (XSS) In dompurify
1.3
Low
Ecosystem: Npm
Package: dompurify
FLAT-838IA (DLA-2419-1)
Server side cross-site scripting In dompurify.js
1.3
Low
Ecosystem: Debian
Package: dompurify.js
FLAT-I4GGG (GHSA-mjjq-c88q-qhr6)
Reflected cross-site scripting (XSS) In dompurify
1.3
Low
Ecosystem: Npm
Package: dompurify
FLAT-7A12H (CVE-2019-16728)
Reflected cross-site scripting (XSS) In dompurify
1.3
Low
Ecosystem: Npm
Package: dompurify