dompurify vulnerable to Cross-site Scripting

Published: Jan 11, 2023
Updated: Apr 14, 2023
GHSA: <a href="https://github.com/advisories/GHSA-pgjv-jrg2-gq3v" target="_blank" rel="noopener"> GHSA-pgjv-jrg2-gq3v
Severity: Medium
Exploit:

dompurify prior to version 2.2.2 is vulnerable to cross-site scripting when converting from SVG namespace.