CVE-2024-48910: dompurify: DOMPurify vulnerable to tampering by prototype pollution

Severity: Critical

CVSS Score: 9.1

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify was vulnerable to prototype pollution. This vulnerability is fixed in 2.4.2.