Vulnerabilities > Cure53
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-07 | CVE-2019-25155 | Open Redirect vulnerability in Cure53 Dompurify DOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks-target-blank-demo.html because links lack a 'rel="noopener noreferrer"' attribute. | 6.1 |
2020-10-07 | CVE-2020-26870 | Cross-site Scripting vulnerability in multiple products Cure53 DOMPurify before 2.0.17 allows mutation XSS. | 6.1 |
2019-09-24 | CVE-2019-16728 | Cross-site Scripting vulnerability in multiple products DOMPurify before 2.0.1 allows XSS because of innerHTML mutation XSS (mXSS) for an SVG element or a MATH element, as demonstrated by Chrome and Safari. | 6.1 |