Description
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.
Remediation
References