Description
A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 0.3.2
References
Related Issues
- PrismJS DOM Clobbering vulnerability - CVE-2024-53382
- DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS - CVE-2024-47068
- DOM Clobbering Gadget found in astro's client-side router that leads to XSS - CVE-2024-47885
- Layui has DOM Clobbering gadgets that leads to Cross-site Scripting - CVE-2024-47075
- Tags:
- npm
- mavo
Anything's wrong? Let us know Last updated on March 03, 2025