Sonar Research (@sonar_research)'s Twitter Profile
Sonar Research

@sonar_research

Cutting-edge security research by @SonarSource to educate the world about code security across all software.

We're also at @[email protected] 🦣

ID: 734164442997501952

Link: https://www.sonarsource.com/blog/tag/security/

Date: 21-05-2016 23:30:18

1,1K Tweets

10,10K Followers

7 Following

🧵 [1/4] Here is our DOMPurify 3.2.1 bypass, using a namespace confusion technique where each element is initially in a “correct” namespace. When it was allowed, the ‘is’ attribute was not handled correctly, making the attribute content’s regex check obsolete. #mXSS #XSS
