JustAppSec
CRITICAL SeverityCVSS 3.110.0CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

CVE-2024-47875

Last updated Nov 03, 2025 · Published Oct 11, 2024

← Back to list

Description

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.

Affected products

1 listed
  • cure53:DOMPurify

Mappings

CWE

CWE-79

CAPEC

None listed.

CVE® content © MITRE Corporation. Licensed under the CVE Terms of Use. Terms

Need help?Get in touch.