Dompurify Cure53 Dompurify

Do you want an email whenever new security vulnerabilities are reported in Cure53 Dompurify?

By the Year

In 2022 there have been 0 vulnerabilities in Cure53 Dompurify . Dompurify did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 1 6.10
2019 1 6.10
2018 0 0.00

It may take a day or so for new Dompurify vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Cure53 Dompurify Security Vulnerabilities

Cure53 DOMPurify before 2.0.17 allows mutation XSS

CVE-2020-26870 6.1 - Medium - October 07, 2020

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.


DOMPurify before 2.0.1

CVE-2019-16728 6.1 - Medium - September 24, 2019

DOMPurify before 2.0.1 allows XSS because of innerHTML mutation XSS (mXSS) for an SVG element or a MATH element, as demonstrated by Chrome and Safari.


Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Cure53 Dompurify or by Cure53? Click the Watch button to subscribe.