Vulnerabilities > Cure53 > Dompurify > 2.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-07 | CVE-2020-26870 | Cross-site Scripting vulnerability in multiple products Cure53 DOMPurify before 2.0.17 allows mutation XSS. | 6.1 |
| 2019-09-24 | CVE-2019-16728 | Cross-site Scripting vulnerability in multiple products DOMPurify before 2.0.1 allows XSS because of innerHTML mutation XSS (mXSS) for an SVG element or a MATH element, as demonstrated by Chrome and Safari. | 6.1 |