dompurify

DOMPurify contains a Cross-site Scripting vulnerability

Cross-Site Scripting in dompurify

Cross-site Scripting in dompurify

DOMPurify Open Redirect vulnerability

DOMPurify USE_PROFILES prototype pollution allows event handlers

DOMPurify's ADD_TAGS function form bypasses FORBID_TAGS due to short-circuit evaluation

DOMPurify allows tampering by prototype pollution

DOMPurify is vulnerable to mutation-XSS via Re-Contextualization

DOMPurify allows Cross-site Scripting (XSS)

DOMPurify contains a Cross-site Scripting vulnerability

DOMPurify: Hook mutation of `data.allowedTags` / `data.allowedAttributes` permanently pollutes `DEFAULT_ALLOWED_TAGS` / `DEFAULT_ALLOWED_ATTR`

DOMPurify: SAFE_FOR_TEMPLATES bypass - template expressions survive sanitization inside <template> content when using DOM output modes

DOMPurify: Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks

DOMPurify: IN_PLACE mode preserves attributes of a clobbered root element, allowing XSS via attacker-controlled root DOM

DOMPurify IN_PLACE Sanitization Bypass via Attached Shadow Root Inside <template>.content

DOMPurify: Trusted Types policy survives `clearConfig()` and can poison later `RETURN_TRUSTED_TYPE` output

DOMPurify: `IN_PLACE` mode trusts attacker-controlled `nodeName` on live non-form nodes, allowing script retention and XSS via attacker-supplied DOM objects

DOMPurify has a SAFE_FOR_TEMPLATES bypass in RETURN_DOM mode

DOMpurify has a nesting-based mXSS

DOMPurify XSS via selectedcontent re-clone

DOMPurify ADD_ATTR predicate skips URI validation

DOMPurify: FORBID_TAGS bypassed by function-based ADD_TAGS predicate (asymmetry with FORBID_ATTR fix)

DOMPurify: Prototype Pollution to XSS Bypass via CUSTOM_ELEMENT_HANDLING Fallback

DOMPurify: Permanent `ALLOWED_ATTR` pollution via `setConfig()` bypassing the hook clone-guard (incomplete fix of the 3.4.7 hook-pollution patch)

Malicious code in express-dompurify (npm)