-
## CVE-2019-16728 - Medium Severity Vulnerability
Vulnerable Library - dompurify-1.0.11.tgz
DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in…
-
## CVE-2020-26870 - Medium Severity Vulnerability
Vulnerable Library - dompurify-1.0.11.tgz
DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in…
-
Having just implemented a polyfill for elementary math, that got me thinking about some related ideas:
1. The most obvious concept related to long division is synthetic division. It is basically the …
-
Hello!
We have a setup where we share a mixin through multiple Vue components, and were hoping that this plugin would work with said structure.
This is a sample of the configuration:
The mixi…
-
Bug report for _Yarn audit_ version `1.17.3`
## How to replicate it
- create a folder with any name, for example `my-app`
- cd `my-app`
- paste this as content for a file to be called `package.j…
-
Hi all,
markdown-it recommends to not use html:true as it is known as a XSS security issue.
In this case, is there a way to avoid using v-html and instead use {{$ms.renderer(mycontentmd)}} ?
Mu…
-
```javascript
// dompurify.js on Node.js 21.6.1
import createDOMPurify from 'dompurify'; // 3.0.8
import { Window } from 'happy-dom'; // 13.3.1
import { JSDOM } from 'jsdom'; // 24.0.0
cons…
-
Hello, I'm creating events on a different page and showing events on another calendar page, so all data is being checked for xss attacks already. I want to put onclick event to my custom detail popup …
-
Currently it is very easy to just inject an iframe through this plugin. I'm fine with allowing some responsibility for the end-user, but I feel like iframes (among other) aren't part of the markdown s…
-
Hi there, thank you for providing this plugin. Though it seems that the underlying `sanitize-html` is generally not made for client-code. I get these errors while trying to use the plugin within nuxt3…