DOMPurify Open Redirect vulnerability

Severity:
Medium

Description

DOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks-target-blank-demo.html because links lack a `rel="noopener noreferrer"` attribute.
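
A sanitizer hook that closes the gap described above, as an added example (not code from DOMPurify or from this advisory): it adds the missing rel tokens to any element whose target can open a new window. The helper names are assumptions; DOMPurify.addHook and the afterSanitizeAttributes hook point are the library's hook API.

```javascript
// Added example. The helpers work on any object exposing getAttribute and
// setAttribute, so the logic runs in a browser and in Node alike.
const REQUIRED_REL = ['noopener', 'noreferrer'];

// True when the element's target can open a new browsing context.
function opensNewContext(node) {
  if (!node || typeof node.getAttribute !== 'function') return false;
  const target = (node.getAttribute('target') || '').trim().toLowerCase();
  // "_self", "_parent" and "_top" reuse an existing context; "_blank" and
  // named targets can open a new one that holds a reference to the opener.
  return target !== '' && !['_self', '_parent', '_top'].includes(target);
}

// Merge the required tokens into an existing rel value, keeping tokens that
// are already there (e.g. "nofollow") and never duplicating one.
function hardenedRel(existing) {
  const tokens = (existing || '').split(/\s+/).filter(Boolean);
  const seen = new Set(tokens.map((t) => t.toLowerCase()));
  for (const t of REQUIRED_REL) {
    if (!seen.has(t)) {
      tokens.push(t);
      seen.add(t);
    }
  }
  return tokens.join(' ');
}

// Hook body: returns true when it had to change the node.
function addNoopener(node) {
  if (!opensNewContext(node)) return false;
  const before = node.getAttribute('rel') || '';
  const after = hardenedRel(before);
  if (after === before) return false;
  node.setAttribute('rel', after);
  return true;
}

// Register with DOMPurify when it is loaded (browser global assumed).
if (typeof DOMPurify !== 'undefined') {
  DOMPurify.addHook('afterSanitizeAttributes', addNoopener);
}
```

The hook only matters when the sanitizer configuration lets a target attribute through or another hook sets one; elements without a target are left untouched.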

Recommendation

Update the dompurify package to the latest compatible version. The following are the version details:

Tags:
npm
dompurify
Last updated on November 15, 2023