Reflected cross-site scripting (XSS) In dompurify
Description
dompurify vulnerable to Cross-site Scripting dompurify prior to version 2.2.2 is vulnerable to cross-site scripting when converting from SVG namespace.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 pypi | 2.2.2 |
Aliases
1.
References
1. 2.