greprules.io
Sign inSubmit rule
Explore/cve-2026-47759-unsanitized-dynamic-attribute-restore

CVE-2026-47759: Unsanitized Dynamic Attribute Restore

Extracting and restoring prefixed internal attributes without subsequent sanitization of the constructed element can lead to stored XSS.

Provally CuratedPublic repositoryHighMedium confidenceVerifiedApache-2.0typescript
greprules fetch cve-2026-47759-unsanitized-dynamic-attribute-restore --engine opengrep

Description

Extracting and restoring prefixed internal attributes without subsequent sanitization of the constructed element can lead to stored XSS.

Detection target

Not provided

Recommended fix

Not provided

False-positive notes

Not provided

License
Apache-2.0
Source context
Public repository
Source
Provally CVE rule catalog
Validation status
Verified
Trust signals
115 downloads0 direct115 via packs
· 0 stars · Trust score 61How trust works
Included packs
2 packs

Community feedback

Sign in to report false positives, mark this rule useful, or suggest metadata improvements.

Mark usefulReport false positiveSuggest metadata