Description
DOMPurify before 2.0.1 allows XSS because of innerHTML mutation XSS (mXSS) for an SVG element or a MATH element, as demonstrated by Chrome and Safari.
Remediation
References
Related Vulnerabilities
Magento Improper Authorization Vulnerability (CVE-2020-24402)
WordPress Plugin Popup-Popup More Popups Directory Traversal (2.2.4)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Unspecified Vulnerability (2.11.0)
Python Incorrect Conversion between Numeric Types Vulnerability (CVE-2008-1721)