GHSA-8hgg-xxm5-3873
GitHub Security Advisory
DOMPurify Open Redirect vulnerability
✓ GitHub Reviewed
MODERATE
Has CVE
Advisory Details
DOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks-target-blank-demo.html because links lack a 'rel="noopener noreferrer"' attribute.
Affected Packages
npm
dompurify
Affected versions:
0
(fixed in 1.0.11)
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: July 3, 2025 6:26 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.