This issue has been created

There are 2 updates.

/

Open

Upgrade to dompurify 3.2.3

View issue · Add comment

Issue created

Manuel Leduc created this issue on 12/Dec/24 15:07

Summary:	Upgrade to dompurify 3.2.3
Issue Type:	Task
Affects Versions:	16.9.0-rc-1
Assignee:	Unassigned
Components:	Dependency Upgrades
Created:	12/Dec/24 15:07
Priority:	Major
Reporter:	Manuel Leduc
Description:	`v3.2.3`: DOMPurify 3.2.3 Compare Source Fixed two conditional sanitizer bypasses discovered by @parrot409 and @Slonser Updated the attribute clobbering checks to prevent future bypasses, thanks @parrot409 `v3.2.2`: DOMPurify 3.2.2 Compare Source Fixed a possible bypass in case a rather specific config for custom elements is set, thanks @yaniv-git Fixed several minor issues with the type definitions, thanks again @reduckted Fixed a minor issue with the types reference for trusted types, thanks @reduckted Fixed a minor problem with the template detection regex on some systems, thanks @svdb99 `v3.2.1` Compare Source `v3.2.0`: DOMPurify 3.2.0 Compare Source Added type declarations, thanks @reduckted , @philmayfield, @aloisklink, @ssi02014 and others Fixed a minor issue with the handling of hooks, thanks @kevin-mizu

2 updates

Changes by Manuel Leduc on 12/Dec/24 15:07

Fix Version:	17.0.0-rc-1
Assignee:	Manuel Leduc

This message was sent by Atlassian Jira (v9.3.0#930000-sha1:287aeb6)

If image attachments aren't displayed, see this article.