Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
DOMPurify URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2019-25155 - Vulnerability Database
DOMPurify

DOMPurify URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2019-25155

Medium
Reference: CVE-2019-25155
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-25155
Title: DOMPurify URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Overview:

DOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks-target-blank-demo.html because links lack a 39relquotnoopener noreferrerquot39 attribute.