CVE-2020-26870

CWE-79Cross-site Scripting (XSS)10 documents6 sources
Severity
6.1MEDIUM
EPSS
0.4%
top 38.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Cure53 DompurifyOracle Application ExpressDebian Debian Linux+2 more
Timeline
PublishedOct 7
Latest updateJan 15

Description

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages5 packages

NVDcure53/dompurify< 2.0.17
npmdompurify< 2.0.17
NVDoracle/application_express< 21.1.0.00.01

Also affects: Debian Linux 9.0

Patches

Patch: github.comPatch: github.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

6
GHSA
Reflected XSS in Gotify's /docs via import of outdated Swagger UI2023-01-10
GHSA
Cross-site Scripting in ammonia2021-08-25
GHSA
Cross-site Scripting in dompurify2020-12-18
OSV
Cross-site Scripting in dompurify2020-12-18
CVEList
CVE-2020-26870: Cure53 DOMPurify before 22020-10-07

📋Vendor Advisories

3
Oracle
Oracle Oracle Retail Applications Risk Matrix: Internal Operations (DOMPurify) — CVE-2020-268702024-01-15
Oracle
Oracle Oracle Database Server Risk Matrix: Oracle Application Express Application Builder (DOMPurify) — CVE-2020-268702021-07-15
Microsoft
Visual Studio Remote Code Execution Vulnerability2021-01-12
CVE-2020-26870 (MEDIUM CVSS 6.1) | Cure53 DOMPurify before 2.0.17 allo | cvebase.io