DOM Purification Flaw in Cure53's Product
CVE-2020-26870

6.1 MEDIUM

Key Information:

Vendor: Cure53

Status
Vendor
CVE Published: 7 October 2020

What is CVE-2020-26870?

Cure53's DOMPurify before version 2.0.17 is vulnerable to mutation-based Cross-Site Scripting (mutation XSS). The cause is that a serialize-then-parse round trip does not always reproduce the original DOM structure, so markup that DOMPurify has sanitized can be re-parsed into a different tree than the one it checked. As a result, elements can shift from HTML to MathML, which can be exploited through crafted nested FORM elements. The issue shows why sanitization in web applications must account for how the browser re-parses sanitized output.

CVSS V3.1

Score: 6.1
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
