Lucene search
MichaΕ BentkowskiNODEJS:1223HistoryOct 21, 2019 - 5:42 p.m.
Cross-Site Scripting
2019-10-2117:42:06
MichaΕ Bentkowski
www.npmjs.com
17
EPSS
0.001
Percentile
47.0%
Overview
Versions of dompurify prior to 2.0.7 are vulnerable to Cross-Site Scripting (XSS). It is possible to bypass the package sanitization through Mutation XSS, which may allow an attacker to execute arbitrary JavaScript in a victimβs browser.
Recommendation
Upgrade to version 2.0.7 or later.
References
Related
nodejs
nodejs
Cross-Site Scripting
2019-10-04 19:21:25
osv
osv
CVE-2019-16728
2019-09-24 05:15:11
Cross-Site Scripting in dompurify
2020-08-28 21:25:11
dompurify.js - security update
2020-10-29 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2019-09-25 06:02:37
nvd
nvd
CVE-2019-16728
2019-09-24 05:15:11
prion
prion
Cross site scripting
2019-09-24 05:15:00
ubuntucve
ubuntucve
CVE-2019-16728
2019-09-24 00:00:00
cvelist
cvelist
CVE-2019-16728
2019-09-24 04:02:09
debiancve
debiancve
CVE-2019-16728
2019-09-24 05:15:00
cve
cve
CVE-2019-16728
2019-09-24 05:15:11
github
github
Cross-Site Scripting in dompurify
2020-08-28 21:25:11
nessus
nessus
Debian DLA-2419-1 : dompurify.js security update
2020-10-30 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2419-1)
2020-10-30 00:00:00
debian
debian
[SECURITY] [DLA 2419-1] dompurify.js security update
2020-10-29 16:03:08
githubexploit
githubexploit
Exploit for Path Traversal in Nazgul Nostromo Nhttpd
2019-10-15 09:22:36
