CVE-2024-22420: Unsanitized Markdown Render Innerhtml
Direct assignment of un-sanitized parsed markdown or HTML to innerHTML can lead to DOM-based Cross-Site Scripting (XSS). Use a sanitizer such as DOMPurify or a secure rendering method.
Provally CuratedPublic repositoryMediumMedium confidenceVerifiedApache-2.0
TS
TSgreprules fetch cve-2024-22420-unsanitized-markdown-render-innerhtml --engine opengrepDescription
Direct assignment of un-sanitized parsed markdown or HTML to innerHTML can lead to DOM-based Cross-Site Scripting (XSS). Use a sanitizer such as DOMPurify or a secure rendering method.
Community feedback
0 signals from signed-in users.
- Useful
- 0
- False positive
- 0
- Metadata
- 0