CVE-2021-32796 – xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMPars …

27 July 2021

Vuln ID: CVE-2021-32796

Published: 2021-07-27 22:15:07Z

Description: xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This issue has been resolved in version 0.7.0. As a workaround downstream applications can validate the input and reject the maliciously crafted documents.

Source: NVD.NIST.GOV

Date:

27 July 2021

Categorie(s):

NVD

Tag(s):

NVD

Nokod Security Platform secures low-code/no-code development environments and apps3 May 2024
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources3 May 2024
Lenovo launches AI-based Cyber Resiliency as a Service3 May 2024
These Dangerous Scammers Don’t Even Bother to Hide Their Crimes3 May 2024
Edgio ASM reduces risk from web application vulnerabilities3 May 2024