WEB APPLICATION VULNERABILITIES Acunetix 360

Out-of-date Version (DOMPurify)

Summary

Acunetix 360 identified the target web site is using DOMPurify and detected that it is out of date. DOMPurify is a XSS sanitizer library for HTML, MathML and SVG.

Impact

Since this is an old version of the software, it may be vulnerable to attacks.

Remediation

Please upgrade your installation of DOMPurify to the latest stable version.

Severity

Information

Classification

PCI v3.2-6.2 CAPEC-310 CWE-1035 937 HIPAA-164.308(a)(1)(i) ISO27001-A.14.1.2 OWASP 2013-A9 OWASP 2017-A9