CVE-2024-48910 Information

Nov 01, 2024 cve

Description

DOMPurify is a DOM-only super-fast uber-tolerant XSS sanitizer for HTML MathML and SVG. DOMPurify was vulnerable to prototype pollution. This vulnerability is fixed in 2.4.2.

Reference

https://github.com/cure53/DOMPurify/security/advisories/GHSA-p3vf-v8qc-cwcr https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc

Share on: